We’ve pulled together some standout quotes from experts in this WIS edition. Read their thoughts by clicking through “Voicing the Issue.”
Phishing websites attempted to exploit Facebook 2.2 million times.
For the period reported, the EMEA region (Europe, the Middle East, and Africa) was the leading source of all zombie IP addresses.
There were 3,085,334 attacks in the United States last month, primarily originating from Seattle; Columbus, Ohio; New Providence, N.J.; Boston; and Houlton, Maine.
This week in new studies, nearly all SAP systems were found to have major vulnerabilities that remained unpatched, and criminal attacks were found to account for the majority of health device data breaches. For a closer look at these articles, click here to visit our news section.
Check out some of the photos from a night that featured some of the most notable names in the security industry. Here's a look at some of the action on the night of the 2015 SC Awards U.S.
Google and Facebook were among the top 5 names used in phishing schemes.
Argentina, the United States and Vietnam were among the top producers of zombie IP addresses following Russia.
The RSA Conference dominated media coverage this week, along with studies regarding open source software and the past year's threats. For a closer look at these articles, click here to visit our news section.
Multiple studies were released this week including one that pointed out the banking industry's lacking security protocol for third-party vendors. Also this week, Oracle and Microsoft issued patches for their systems. For a closer look at these articles, click here to visit our news section.
NIST released a draft for final comments earlier this week with a deadline of mid-May. Later in the week, researchers discovered online forums redirecting users to the Fiesta Exploit Kit. For a closer look at these articles, click here to visit our news section.
For the period reported, the EMEA region (Europe, Middle East, Africa) was the leading source of all zombie IP addresses.
This week President Obama beefed up the United States' possible cyber attack recourse, and IBM invested $3 billion in a new Internet of Things (IoT) unit. For a closer look at these articles, click here to visit our news section.
For the period reported, the EMEA region (Europe, Middle East, Africa) was the leading source of all zombie IP addresses. Of all the countries that make up the EMEA, Germany was the top producing country.
Early this week legislators announced that they would be introducing a privacy bill for students, and researchers discovered a vulnerability that, at one time, impacted more than three-fourths of Android users. Later during the week, Twitch attracted the attention of scammers, and adult website XTube had its users' information compromised. For a closer look at these articles, click here to visit our news section.
Premera Blue Cross announced this week that up to 11 million of its members might have had their personal information compromised. Also this week, Google decided to have its Play Store apps reviewed ahead of their inclusion in the store, and the freshly edited CISA bill didn't satisfy privacy advocates. For a closer look at these articles, click here to visit our news section.
There were 2,929,628 attacks in the United States last month, primarily originating from New York, Dallas, Los Angeles, Miami and Chicago. There were also 30,702,677 foreign attacks last month, primarily originating from Amsterdam, Berlin, Ukraine, Portugal and Madrid.
Hillary Clinton was under pressure this week after it came out that she used her personal email address during her tenure as secretary of state. Also this week, Uber, Natural Grocers and Mandarin Oriental Hotel Group began investigating data breaches. For a closer look at these articles, click here to visit our news section.
Anthem clarified the exact number of people affected by the company's data breach in each state, and a vulnerable Google Maps plug-in for Joomla allowed attackers to spoof the source of DDoS attacks. For a closer look at these articles, click here to visit our news section.
The U.S. accounted for more than 70 percent of attack volume in November 2014. Also this month, U.S. hackers most commonly used the Upatre Downloader trojan.
Kaspersky Lab had plenty to share this week regarding espionage campaigns, the co-creator of the infamous BlackShades RAT pleaded guilty, and a new report indicates that NTP DDoS attacks are still popular among cybercriminals. Here's a roundup of the news this week that you may have missed. For a closer look at these articles, click here to visit our news section.
This past month, Anonymous took credit for attacks on Mexican government and academic websites, and an Iranian group is suspected of infiltrating more than 50 organizations in 16 countries.
This week's top news items include a new report on car hacking, new updates to Samsung Smart TV's privacy policies, Patch Tuesday security releases and more. For a closer look at these articles, click here to visit our news section.
The second largest health insurance provider in the country had its systems breached and BMW patched a vulnerability that could have allowed hackers to physically access a vehicle. For a closer look at these articles, click here to visit our news section.
This week, the Federal Trade Commission (FTC) expounded on previous comments surrounding the inherent risk in the Internet of Things (IoT) by releasing a detailed report. Also this week, ransomware was documented, for the first time, as dropping trojans and malware on infected users' systems. For a closer look at these articles, click here to visit our news section.
President Obama gave his State of the Union speech this week and allotted some time to cyber security endeavors. In response to the Administration's proposed revisions to CFAA, the security community voiced dissent online. For a closer look at these articles, click here to visit our news section.
In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison – minus about two years of time already served – and was ordered to pay a little more than $890,000 in restitution and fines, according to reports. Click here for the full story.
This week pro-ISIS hackers compromised the U.S. Central Command's Twitter and YouTube accounts, and President Obama gave a speech on the future of data breach laws. For a closer look at these articles, click here to visit our news section.
This week started out with an elevation of privilege flaw in Windows 8.1 being detailed online before a patch was issued. Later in the week, Gogo, a provider of inflight WiFi, was caught using fake Google SSL certificates. The week closed with a warning from FTC chairwoman Edith Ramirez on security and privacy issues surrounding Internet of Things (IoT) devices. For a closer look at these articles, click here to visit our news section.
Sony's breach continued to worsen this week with the attackers successfully getting the studio to cancel its premiere of The Interview and pull it from theaters. A landmark case was made under HIPAA compliance, which could have major implications for IT security professionals at medical service providers. For a closer look at these articles, click here to visit our news section.
Sony's massive breach that spawned leaked emails and movies took over headlines this week. We also launched our annual Reboot section. For a closer look at these articles, click here to visit our news section.
Yet another year produces a collection of phenomenal security products. Here's a list of what our SC Labs team deemed the "Best Buy" products in 2014. Click here to read more.
Our SC Labs team always recommends products it believes IT security professionals should consider. Here's a list of the "Recommended" products in 2014. Click here to read more.
Dick Cheney probably wasn't thinking about hackers when he had his heart defibrillator installed, but the possible threat was later addressed when the defibrillator's wireless function was disabled. This story, among others, made up some of the strangest in the security space.
Technology continues to change, and in a short time, the industry has transformed to adapt to threats and new needs. Our list covers some of the major advancements.
Thanks to a little luck, the inevitable missteps of over-ambitious cyber crooks and the kind of solid investigative work that would make Eliot Ness beam with pride, over the last decade law enforcement agents have arrested some top names in cyber crime, busted up identity theft rings and taken down dark websites. While jails are not teeming with cybercriminals nor have those efforts made a significant dent in cyber crime, their impact is being felt. What’s more impressive – many of the arrests are the culmination of aggressive, coordinated efforts between local, state, federal and international law enforcement agents.
It's business as usual in the tech world with acquisitions and mergers for millions of dollars. This list profiles some of the biggest.
Although threats are a constant in the security world, new ones continue to pop up as attackers design new tactics. This list mentions some of the major threats the security community has seen.
From health care providers to grocery store chains to retailers, no business is safe from the reach of hackers. Breaches dominate general media headlines and these top incidents have impacted millions of people's information.
Iranian hackers are targeting critical infrastructure and a new point-of-sale malware is being tested. For a closer look at these articles, click here to visit our news section.
This week, the State Department was hacked, marking the fourth U.S. government entity to suffer a breach in recent months. Also this week, vulnerabilities were identified in three Advantech products. For a closer look at these articles, click here to visit our news section.
Some of the top professionals in the information security industry gathered in Chicago for the highly anticipated SC Congress event. With featured keynote presentations and insightful panel discussions on some of the most prevalent industry topics, this event provided the perfect opportunity to gain knowledge and network with other pros.
The United States Postal Service (USPS) announced that its employees' information was compromised in a recent data breach, and Microsoft issued critical patches for Windows and its other products. For a closer look at these articles, click here to visit our news section.
A Canada-based telecommunications company released its first transparency report, which divulged that the company had received 103,000 requests in 2013 for data. Across the world, a karaoke bar chain in Singapore had the information of 317,00 members compromised.
Researchers discovered a new Backoff variant this week. Also, more details came out about the APT group The Sandworm Team. For a closer look at these articles, click here to visit our news section.
Home Depot's breach was the largest in September and one of the most expensive, this month's threat stats indicate. This month's stats also show that the U.S. was the most targeted in phishing attacks and accounted for 61 percent of attacks.
Sergei Tsurikov was sentenced to 11 years in prison after he helped steal more than $9 million from a payment processor. This week also yielded research that suggested point-of-sale (POS) malware attacks increased greatly in Q3. Up to 138,00 events could be seen in one day. For a closer look at these articles, click here to visit our news section.
Again this month, Iran was the producer of the most zombie IP addresses. Also, Norway launched the largest-ever campaign to warn its country's oil and energy companies of possible cyberattacks. The warning came after spear-phishing emails targeted more than 50 organizations.
Staples began investigating a possible data breach in certain stores, and multiple heavy-hitting websites were found to be serving up malicious ads that could have put visitors at risk of downloading ransomware. For a closer look at these articles, click here to visit our news section.
August's data breach numbers came in this month and confirmed that Russian hackers were able to amass at least 1 billion username and password combinations, as well as 500 million email addresses. Plus, in September, the U.S. saw 2,246,129 targeted attacks that originated from American cities. Researchers also found that Asia-Pacific countries accounted for the largest amount of SMS spam at 5 billion per month.
News of POODLE broke this week and dominated headlines. Oracle and Microsoft issued patches, and researchers discovered various ongoing attacks. For a closer look at these articles, click here to visit our news section.
So far this year, more than 75 million records have been exposed in data breaches, and on the heels of that news, JPMorgan Chase announced that its breach impacted 76 million households. Plus, SUPERVALU and AB Acquisition LLC are investigating their second breach. For a closer look at these articles, click here to visit our news section.
A Chinese security firm showed the world how it hacked the Tesla S Car. Also in this month's threats, Iran was declared the top producer of zombie IP addresses.
A vulnerability bigger than Heartbleed was disclosed this week, and Apple continued to battle its new iOS 8 issues with multiple updates. For a closer look at these articles, click here to visit our news section.
Along with the release of two-factor authentication for iCloud, Apple had one of its uncommon "Update Surprisedays." Researchers discovered a new Tinba variant and a watering-hole attack began targeting oil and gas start-up companies' website visitors. For a closer look at these articles, click here to visit our news section.
This week's news looked at a couple studies, one of which showed that the 6-year-old worm Conficker is still making its rounds. Home Depot's breach details continued to come out and Microsoft issued new patches. For a closer look at these articles, click here to visit our news section.
A celebrity nude photo scandal dominated the news this week. Apple denies that a vulnerability in its iCloud system let attackers steal the photos. Two major retailers might have suffered breaches this week: Home Depot and Goodwill. For a closer look at these articles, click here to visit our news section.
More than 800 million personal records have been involved in U.S. breaches since January 2005, according to new research from the Privacy Rights Clearinghouse. Also this month, IT security professionals are starting to have a higher perception of risk to corporate, industrial and governmental infrastructure because of cyber security threats.
A DDoS attack targeting the PlayStation Network downed the service for most of this past Sunday, and a zero-day vulnerability was exploited to get access to multiple banking websites. For a closer look at these articles, click here to visit our news section.
The big news this week was Community Health Systems' massive breach of more than four million patients' data. In the meantime, however, a Chinese national was arrested and The Associated Press was denied a request for information. For a closer look at these articles, click here to visit our news section.
This week's news centers around our coverage of Black Hat in Las Vegas. In one session, a researcher detailed how he learned to control hotel room devices. In another, airport security devices' vulnerabilities were discussed. For a closer look at these articles, click here to visit our news section.
Black Hat 2014 once again brought in some of the brightest minds in the information security field to showcase their skills. From discussions revolving around privacy, vulnerabilities, and state-sponsored malware, to educational training sessions, this year's event delivered plenty of fodder. Here's a look at the conference action. Photo Credit: Black Hat 2014
This year's conference hits on various timely issues, including smartcards, the National Security Agency (NSA) and incident response plans.
This week, the Electronic Frontier Foundation (EFF) requested that a court find the National Security Agency (NSA) in violation of the Fourth Amendment, and a separate court case fined 14 companies more than $5 million for trying to sell fake anti-virus tools. For a closer look at these articles, click here to visit our news section.
Whistleblower Edward Snowden called into a New York City conference last weekend to chat with the Pentagon Papers' leaker Daniel Ellsberg. Additionally, eBay is facing a class-action lawsuit in the wake of its breach. For a closer look at these articles, click here to visit our news section.
This week, one study found that more than 75 percent of IT staffers have incorrectly reported the cause of a security incident to their company's executives, and another found that nearly a third of IT security teams never speak with company executives. For a deeper look at these news bits, click here to visit our news section.
Erasing an Android's memory might make its contents appear to be erased, but in actuality, a savvy hacker could easily recover sensitive data, according to AVAST researchers. Also this week, a bill passed the Senate allowing for the private and government sectors to actively communicate cyber security threats to one another. For a deeper look at these news bits, click here to visit our news section.
A U.S. baseball team's trade conversations were posted online and billions of dollars were stolen from Brazil this week. Plus, a new malware strain is showing up in the U.S. For a deeper look at these news bits, click here to visit our news section.
We're only halfway through the year and already we've seen multiple large-scale breaches. The year's been marked by retailer breaches, including Neiman Marcus, Michaels, Sally Beauty and Smucker's. But they're not the only targets. We've narrowed down this year's breaches to find the most impactful and relevant so far.
In this week's news, the Syrian Electronic Army struck again, but this time, the group targeted the ad network Taboola. In addition to that attack, a massive phishing campaign is targeting online dating websites. For a deeper look at these news bits, click here to visit our news section.
The action continued at the Metro Convention Centre in Toronto for day two of the 2014 SC Congress conference. With more intriguing panel discussions and keynote presentations on the industry's most pressing issues, this year's event brought together security professionals for a learning and networking experience that's incomparable.
Security professionals flocked to the Metro Convention Centre in Toronto for day one of the highly anticipated SC Congress event. Here's a look at some of the action during the sessions and throughout the conference space.
Our global threat map yet again highlights cyber attacks that have taken place throughout the world. In one case, a hacker accessed an Ohio child's baby monitor, which was then used to scream profanities.
This week's prominent news includes the arrest of an infamous hacker, small businesses being hit by new point-of-sale malware, and a big restaurant chain launching an investigation into a possible data breach involving customer credit cards. For a deeper look at these news bits, click here to visit our news section.
This month's threat stats look into U.S. and international hackers' attack preferences. U.S. attackers favor the Allaple.A worm, whereas foreign hackers often harness the Zero Access trojan.
This month's global threats map includes some significant events that took place in Canada, as well as the UK and Australia, where a vulnerability in Optus modems put cable subscribers at risk.
Our threat stats for this month once again feature an array of statistics gathered from various industry sources. Believe it or not, the Zeus trojan still ranks in the top five attacks to plague U.S. companies.
The infamous Heartbleed bug once again made headlines this week, as well as news coming out of the Pentagon regarding its security workforce, and a new development in the investigation into the potential Michaels credit card breach. For more insight on these articles visit our news section by clicking here.
Citing “two people familiar with the matter,” Bloomberg reported on Friday that the National Security Agency (NSA) was aware of the SSL/TLS encryption-breaking Heartbleed bug for at least two years before the now infamous flaw caught the attention of the world earlier this week. Shortly after, on its public affairs Twitter account, the NSA said it was not aware of the vulnerability until it was made public. SCMagazine.com continues to investigate these allegations, but in the meantime has gathered immediate Twitter responses from renowned security experts and privacy advocates in the industry.
Considered one of the most significant internet security vulnerabilities to date - affecting websites, emails, direct messages and other communications utilizing SSL/TLS encryption - the 'Heartbleed Bug' quickly made headlines around the world. Security experts have plenty to say about the vulnerability, and we've compiled the opinions of some of them in this slideshow.
In our April Threat Stats, we look at the 400,000 samples of mobile malware collected since the end of November, as well as the top breaches in February.
This week's news review features stories on the recent class-action suit filed against Target and Trustwave, a study on Advanced Evasion Techniques, and news on millions of home routers that enable DNS amplification DDoS attacks. For a deeper look at these news bits, click here to visit our news section.
Another week in information security brings us major news items that involve more Snowden leaks, the president proposing new legislation on government surveillance, and interesting research by experts that indicates how smart TVs don't have smart security.
This week's news included another retailer confirming a breach, a nasty trojan compromising thousands of Unix and Linux servers, and a new study indicating that nearly $500 billion will be spent in 2014 on recovery initiatives when dealing with data breaches and malware. For a deeper look at these news bits, click here to visit our news section.
Breaches taking place at major retailers around the nation have the industry on high-alert. Even the government has asked these chain stores to expect more security incidents involving customer credit cards. Here's a brief look at some of the top events that have shaken the retail industry.
According to our March global threats, there were some major events that took place in Canada, including a breach in Montreal where customers of telecom company Bell Canada had their usernames and passwords swiped.
As per usual, there was a lot to cover this week in the industry. Here's a quick look at some of the top news stories the week has to offer. For a more in-depth look at each, visit our news section.
After analyzing zombie IP addresses, this month's threat stats indicate that India and Russia have each had increases in spam from December 2012 to January, while China had a major decrease.
It was a night that featured some of the most notable names in the security industry. Here's a look at some of the action on the night of the 2014 SC Awards U.S.
This month's global threat map shares some of the most notable information security incidents around the world, including a hack in Bell County, Texas where hackers compromised the phone system.
It's no surprise that this month's threat stats reveal that the largest breach to take place in December involved Target, where 40 million individuals were affected by the point-of-sale malware that swiped the data.
January's global threat map shows where some of the major cyber incidents have taken place around the globe. During the past month, Russia was the top producing country of zombie IP addresses.
According to this month's threat stats, the top breach to take place in November involved Baltimore County where a contractor saved the personal information of county employees for reasons unrelated to work.
Our big event in Chicago once again brought in some of the most respected professionals in the security industry. Here's a brief look at some of the action that took place in the Windy City.
According to this month's threat stats, the United States leads the way in the top five regions of the world that receive the most spam with 17.37%.
Security professionals flocked to the Big Apple for this year's SC Congress event at the Metropolitan Pavilion in Manhattan to sit in on sessions featuring notable industry minds. Here's a look at some of the action at the recent event.
This month's global threat report once again features a slew of activity from big events in North America, to a massive leak of information in Japan.
According to this month's threat stats, when it comes to spam received, the United States leads the rest of the world.
This month's global threats include hackers attacking Miss Teen USA, data leaked in Belgium, and miscreants compromising the website and database of the Police Nursing College in Thailand.
The latest threat stats from the September issue indicate that the top breach in July took place at Texas Health Methodist Hospital, where 277,000 records were compromised.
There's never a dull moment in information security. Here's a look at some of the top incidents involving cyber crime that recently took place around the world.
According to this month's threat stats, the largest decreases in zombie activity occurred in Belarus and "other" South American nations. This slideshow features a look at some other insightful statistics from around the world.
The action continued on day two of the Black Hat briefings in Las Vegas, with hordes of security professionals networking, and some of the most impressive research of the year on display.
Las Vegas was buzzing for the first day of the Black Hat conference briefings at Caesars Palace Hotel and Casino. Here's a look at some of the action.
The top researchers in the world will descend upon Las Vegas next week for the highly anticipated Black Hat conference. This year's event features a record 110 talks. While you won't be able to attend them all -- unless perhaps you're the NSA -- we've made a handy list of 11 sessions spread over two days that you won't want to miss. Grab the popcorn. It's going to be good.
This month's global threat map once again highlights cyber crime taking place around the globe, including Anonymous and the Syrian Electronic Army's recent DDoS assault on the Turkish government.
We're only halfway through the year, but there has been plenty of action in courtrooms around the nation involving information security. Here are four notable cases that we've covered in 2013.
This month's threat stats continue to indicate that the ZeroAccess trojan is still the malware of choice for U.S. hackers.
Midway through 2013 we've sorted through the endless breaches that have already taken place, and have decided on what we believe are the top incidents in 2013 thus far. Don't forget to check out our "breaches" section for more information on the topic.
Yet another successful SC Congress event wraps up in Toronto! Here's a brief look at some of the action that took place on the second day of the conference. Photos: Michelle Yee
Day one of SC Congress Toronto was a massive success, featuring talks by some of the industry's brightest minds. Here's a look at some of the action at the annual event. Photos: Michelle Yee
June's global threats highlight a multitude of cyber crimes across the globe, including a phishing ruse run by 18 students in Alaska.
According to our 2013 June threat stats, the largest decrease in zombie IP activity was in Russia and Vietnam, while the figure for other countries increased yet again.
Here's a quick look at the pros and cons of some of the digital forensic tools currently on the market, as reported by the SC Lab team.
This infographic, created by TrendMicro, gives insight into how cyber criminals are improving their ways of stealing money. Click here for the full infographic.
Out of a small list of options, we asked our readers who they believed presented the biggest cyber threat to U.S. companies. Here are the results of the poll along with additional statistics.
This infographic, created by Ping Identity, discusses the problems with password proliferation in the enterprise, and how the cost of common security measures may be more than some expect.
This infographic, created by WhiteHat Security, provides insight into the state of website security and issues organizations face today.
This month's threat stats indicate that the encounter rate of web malware across the retail and wholesale industry was over 100 percent.
In this month's global threat map, events across the globe are highlighted that include the sentencing of a man who ran a phishing ring in the United States.
The final day of the conference held in London may have ended earlier than the first two, but the showroom floor was still buzzing from start to finish. Here's a brief look at day three.
The action continued on Day Two of the InfoSecurity Europe conference in London. With engaging and compelling presentations, keynotes, and panel discussions, there hasn’t been a dull moment.
Security professionals from all over Europe flocked to London for the start of the InfoSecurity Europe 2013 conference. Here's a brief look at the first day.
The SC Labs team took a look at some of the latest SIEM products on the market and reported the pros and cons. Here's a look.
In a recent online poll we asked our viewers if they thought President Obama's recent cyber security executive order was good enough to improve information sharing. Here are the results including additional stats.
In this infographic, AlgoSec illustrates the findings of a recent survey in which security, network operations and compliance professionals shared their concerns and challenges with securing and managing increasingly complex networks.
Among other notable factoids, this month's global threats map indicates that Belarus was the leading source of all zombie IP addresses.