The Chinese government arrested a group of hackers within its borders at the request of the U.S. government, anonymous U.S. officials told the Washington Post.
President Barack Obama and his administration's stance on encryption was released this week after months of speculation and debate.
U.S. authorities have concluded that three Chinese companies benefited from intellectual property stolen from U.S. companies as part of a corporate cyberespionage campaign conducted by the Chinese military.
Despite the hack of LoopPay, whose technology is at the heart of Samsung's mobile payment system, the electronics company said its Samsung Pay is secure.
Verizon will start sharing user data, including the use of a controversial code tracker, with the AOL Advertising Network.
A federal jury in California convicted former Reuters deputy social media editor Matthew Keys of conspiring to help the hacktivist group Anonymous hack into the LA Times and alter its website.
The amount of financial damage a cyberattack inflicts on a company depends on many variables, but on average an enterprise-level corporation can expect to pay out more than $550,000 to recover from a typical attack.
As Uber continues to investigate a data breach of its drivers database, Reuters came out with a report Thursday claiming that the car service app's primary suspect is also its main rival: Lyft.
Mikko Hyppenon's presentation at IP Expo Europe, entitled Securing Our Future, described corporates as a new threat actor, and declared 'smart' anything another word for 'exploitable'.
Representative Ted Lieu, D-Calif., and Rep. Steve Russell, R-Okla., wrote a letter to the Acting Deputy Director for Management David Mader and implored him to move security clearance data out of OPM.
Three U.S. senators are looking for answers from T-Mobile and Experian regarding the data breach last week that led to 15 million people having their personal information compromised.
The future of cyber-security in the Internet of Things lies in the creation of an Internet of Identities, according to Rik Ferguson.
The UK National Crime Agency (NCA) has said that a cyber-criminal has taken control of computer webcams to spy on people having sex.
Researchers at enSilo spotted malware dubbed "Moker" that can alter security measures and take complete control of a victim's computer.
After the European Court of Justice declared the EU-US Safe Harbour invalid Tuesday, U.S. lawmakers are considering the decision's potential impact on the Cybersecurity Information Sharing Act (CISA).
Cybersecurity is a technical challenge. But it also usually has a legal and regulatory aspect as well.
Yet another adware campaign stemming from China has been identified, and in this fresh go, victims' Android device can be completely taken over.
The CTU, the Dell SecureWorks research team, uncovered fake LinkedIn profiles and an extensive, convincing network created by the Iran-based Threat Group 2889.
A malware campaign using the Angler Exploit Kit that generated $60 million per year through ransomware was shut down due to the work of a Cisco research team.
The modem flaw could have enabled hackers to take over PCs and launch DoS attacks
Four teens and an adult were arrested in connection with two major DDoS attacks against Netherlands' internet provider Ziggo in August.
Even before an organization is breached, these processes should be put in place to limit damage, bolster technical defenses and help repair the brand, reports Larry Jaffee.
Patreon, a crowdfunding platform that helps artists and musicians fund creative projects, was hacked last week in an attack that has exposed the personal information of 2,330,382 anonymous donors.
By upholding three claims against Coca-Cola, a U.S. District Court in Pennsylvania lets a class action lawsuit stemming from a 2014 breach move forward.
In a decision with widespread implications for the international transfer and processing of data - and the companies that provide these services - the European Court of Justice has ruled the EU-US Safe Harbour pact invalid. Experts are warning of massive disruption to international business.
The Ponemon Institute and Hewlett Packard Enterprise released their annual cost of cybercrime study, the result sof which indicted that companies spent more this year to combat digital threats.
Edward Snowden's appearance on last night's Panorama, and his phone hack allegations fail to shock security experts.
A vicious phishing attack is currently running rife in Germany targeting PayPal users, trying to get them to download what on the surface looks like the official PayPal app, but is actually a banking trojan.
Data that can be monetized is, simply put, a magnet for the bad guys. No matter whether your organization is big or small, if you have desirable data, you can no longer afford to wonder whether or not to invest in cybersecurity insurance.
Australian businesses are turning away from bitcoin since Australian banks made the move last month to close 13 of the country's 17 bitcoin exchanges' accounts.
The Government Accountability Office (GAO) found "persistent weaknesses" at 24 federal agencies that it said showed the problems the agencies have in "effectively applying information security policies and practices."
Civilian nuclear power facilities may be more susceptible to cyber attack than the public generally realizes, according to a report by the London-based think tank Chatham House.
Researchers in Singapore have developed a method to sniff the perimeter of an organization for unsecured printers.
Iphone malware around for ten months and over 100 apps compromised
Surveys report on the current state of DDoS attacks.
Even before an organization is breached, these processes should be put in place to limit damage, bolster technical defenses and help repair the brand.
Any users running Jetpack 3.7 or lower are at risk of having their WordPress website being completely taken over.
T-Mobile CEO John Legere pulled no punches expressing his disgust over a hack yesterday at its credit vendor Experian that compromised the personal information of about 15 million T-Mobile customers, and rightly so according to industry insiders who believe T-Mobile's image now may be badly tarnished through no fault of its own.
Ireland's Central Bank's deputy governor, Cyril Roux, has warned that it may only be a matter of time before a cyber-attack builds a problem that descends across the broader financial industry.
FireEye's EMEA president, Richard Turner discusses its new Advanced Threat Report
Pan-European operations can now be subject to the data protection laws of each country (not just the one they are established in) following a ECJ ruling yesterday.
Automotive industry running to catch up with cyber-security issues ahead of releasing first autonomous cars onto nation's highways.
Apple addressed numerous vulnerabilities with the release of OS X El Capitan v10.11, iOS 9.0.2, and Safari 9 this week.
FBI agents seized a child pornography website and then tracked users, one of whom they arrested on Staten Island earlier this month.
Director of National Intelligence James Clapper warned in testimony before the Senate Armed Services Committee that cyberattacks and threats from hackers are getting worse.
More than a billion Android mobiles are affected by a set of two critical Stagefright vulnerabilities that can be exploited to take complete control of a device.
Chip, or EMV, credit cards usage will become the retail standard as of today, but whether or not this high-tech payment method will improve security is still being debated between the retail and credit card industries.
Officials in the U.S. and Europe signed off on a data-protection agreement intended to lay out a process for how PII is safeguarded when exchanged across borders.
Can U.S. data protection laws protect privacy and preserve tech innovation and intellectual property?
Edward Snowden created a Twitter profile on Tuesday, which will likely allow him to further craft his public persona in advance of a possible U.S. trial.
The 22-year-old was sentenced to four years and six months in prison for widely distributing and installing a popular banking trojan known as Citadel.
Businesses must prioritize protecting their security keys and certificates or leave themselves open to losing customers, system outages, audit failures and possibly failing, according to a report from the Ponemon Institute.
The Foreign Intelligence Surveillance Court (FISC) appointed criminal defense attorney Preston Burton as the first of five outside advisers to the secret court, according to a Sept. 24 filing.
Nearly 18 million people - or seven percent of U.S. adults - were victims of ID theft last year, according to a report from the Department of Justice.
The London Stock Exchange has floated a cyber-security Exchange Traded Fund (ETF) this week, marking the first time a fund of this kind has found its way on to the LSE.
Analysis of big data in real time provides a granularity of insight into normal network behaviour, allowing earlier identification of abnormal behaviour.
A security researcher at Google has discovered more zero-day exploits in Kaspersky's anti-virus software.
The Dyreza Trojan has re-emerged and is now targeting the IT supply chain
An arbitrary file upload vulnerability has been discovered in an iOS app that allows an attacker to deliver a malicious package during a file transfer operation.
Most corporations have nobody to blame but themselves when it comes to making themselves open to non-targeted online attacks with the average company leaving known vulnerabilities open for months giving hackers more than enough time to take action, according to a study by Kenna Securities.
Threat actors are leveraging a botnet made up of infected Linux machines to launch powerful distributed denial-of-service attacks.
Women didn't increase their numbers in security over the past two years, according to a report released by (ISC)², which found that women in the security workforce held steady at 10 percent.
Researchers at CloudFlare spotted a distributed denial-of-service (DDoS) attack that used mobile browsers to flood a site with 4.5 billion requests.
US officials believe that Sally Ann Jones, former British punk rocker, is looking to run the Islamic State's hacker unit.
The Swiss security firm Silent Circle today released the new edition of its smartphone that aims to help people control what info they share about themselves online.
Two new pieces of point-of-sale malware are affecting small and medium-sized businesses predominately in the U.S.
Facebook is now end-to-end encrypting its Internet.org website and issuing dual certificates for its Free Basics mobile browser.
The cyber security announcement made by presidents Obama and Xi on Sept. 25 is being met with a healthy dose of skepticism with industry insiders indicating the agreement will lead to little, if any, material change regarding cyber issues going forward.
A Tripwire study says UK IT professionals have more confidence in the cyber security literacy of their corporate board than their US counterparts.
Cisco has released security updates that address vulnerabilities in products running Cisco IOS Software and Cisco IOS XE Software.
Yahoo created its transparency report for the first half of 2015, which indicated an increase in the number of requests made by the U.S. government for user data.
Google is teaming up with industry researchers to study attacking cybercrime by hitting the bad guys where it hurts most, in the wallet, instead of simply building taller internet security walls around sensitive data.
The United States and China announced Friday that the two nations have agreed to initial norms of cyber activities.
Millions of Americans signed on with the Affordable Care Act for health insurance had their personal data put at risk for several months last year due to poor security practices in place at Healthcare.gov a federal audit found.
President Obama and Chinese President Xi Jinping met for a private dinner at the White House on Thursday evening amidst ongoing tensions between the US and China centered around the two nations' competing cybersecurity agendas.
The New York Institute of Technology 6th Annual Cybersecurity Conference was held on Thursday in Manhattan.
The 2000 Safe Harbour agreement between the European Union and the United States looks likely to be tossed in the shredder by the European Court of Justice.
Following the "largest compromise of the App Store ever," Apple attempted to do damage control while researchers picked through the findings for independent research.
The New York Institute of Technology 6th Annual Cybersecurity Conference was held on Thursday in Manhattan.
On the heels of reports that the White House was swaying toward supporting encryption and strongly disavowing legislation that would force companies to unlock customer smartphones and apps when presented with a court order, a working group in the Obama administration had mulled ways that encrypted communications could be unlocked.
Uber is attempting to squash the use of hacked customer accounts that have most likely been sold on the dark web and are currently being used in China.
Symantec is reporting that a new variant of Kovter malware is incorporating some characteristics of the Poweliks malware that broke onto the scene back in 2015.
Imgur, the photo-sharing website, has been exploited in a distributed denial-of-service (DDoS) attack.
Facebook announced that it will now support OpenPGP's standard elliptic curve cryptography (ECC) public keys
Internet infrastructure provider Internap is denying it is directly connected in any way regarding former Secretary of State Hillary Clinton's private email server, contradicting a story posted today by Breitbart.com.
The Securities and Exchange Commission (SEC) slapped St. Louis-based investment adviser R.T. Jones Capital Equities Management with a $75,000 penalty in a settlement over the firm's failure to establish cybersecurity policies and procedures before a breach compromised personal information of 100,000 people.
Mozilla released Firefox 41 on Tuesday, and with it comes patches for 19 security advisories, four of which were deemed "critical."
A proposed Indian encryption policy has been called harmful to security and privacy itself.
Security researchers have discovered adware which affects OS X and could be used as a doorway for Trojans.
Former AT&T Mobility LLC employees who schemed to illegally unlock wireless phones on the AT&T network have landed squarely in the crosshairs of a lawsuit filed in federal court by the mobile communications company.
Security ratings company BitSight Technologies published a rating of the security preparedness of organizations across six industries.
The dark web is beginning to emulate the traditional web in new and frightening ways, according to a Damballa blog post.
The trojan was detected by ESET as Android/Mapin and on Google Play it was observed packaged in a variety of applications since as far back as 2013.
Proofpoint detailed Arid Viper's repurposed attacks and malware and pointed to it as evidence that reusing malware is trending.
The American Civil Liberties Union (ACLU) in a Tuesday letter called for widespread encryption to secure Congressional and staff communications against foreign eavesdroppers.
The vast majority U.S. organizations are not prepared to properly respond to a cyber attack, according to a new study by the Ponemon Institute.
Symantec has discovered that unauthorized HTTP certificates were issued for Google webpages and terminated the employees who were involved in issuing the certificates.
A processor of crypto-currency has been the most recent victim in a massive hacking campaign which has seen the company lose 5000 bitcoins, currently valued at over a million pounds.
If you see this code and you are using Google Chrome, don't click it, type it in, copy it or even hover your mouse over it http:// a /%%30%30
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- Backdoor in MS Outlook webmail raises security doubts
- Chinese govt. complied with U.S. request to arrest hackers
- Obama administration will not push for legislation requiring mandatory encryption
- Data Security in the 21st Century: Understanding what data to protect
- Consumers need to up password security: Darren Guccione of Keeper Security
- U.S. authorities identify Chinese companies that benefited from military cybertheft