On a recent flight, a Google engineer discovered that SSL certificates were being signed by Gogo, not Google.
Staff member credentials were used to access ICANN systems after spearphishing campaign that began in November.
A report from DellSecureWorks Counter Threat Unit revealed hacker training tutorials, replacement guarantees and a drop in RAT prices.
Researchers at Cylance have been monitoring a group out of Tehran, called Operation Cleaver, that it believes is gearing up for a massive attack on critical infrastructure.
Kaspersky Lab researchers are confident they have identified the first five victims, or patient zeroes, of the Stuxnet worm.
The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.
A survey of Canadian business execs found that just over a quarter had experienced a cyber attack.
Careful control of administrator rights in the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware.
The CryptoWall ransomware being delivered comes with a valid digital signature and initial VirusTotal results showed zero detections.
Disgruntled and former employees have been increasingly engaging in computer network exploitation and disruption.
Fake emails that appear to come from an authentic LogMeIn address state that the company has released a new security certificate.
Since the year's start, the number of exploits used by the kit has doubled, Trend Micro found.
Retail organizations have long been the target of financially-motivated crime. According to Verizon, 92% of the retail breaches they've studied were committed by external actors.
WordPress is the most-used content management system (CMS) in the world. More than 60 million websites, or 22.9% of the internet, use WordPress for content creation.
Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those within a particular industry.
Nuix believes the malware found on Home Depot's systems belongs to a different threat family.
On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector
On Monday, the University of New Haven revealed its first video in a series of security findings.
Salesforce posted a notification that its users are possibly being targeted by Dyre malware and offered some recommendations to avoid the threat.
Out of 16,000 business users who took the McAfee Phishing Quiz, 80 percent fell for at least one of seven phishing emails.
The backdoor, called "XSLCmd," was detected in earlier attacks on Windows systems, FireEye found.
Apple's CEO said the company will begin using email and push notifications to alert users to passwords changes in any iCloud account.
Late last month a group of attackers targeted the web hosting company's login portal to try and access users' accounts.
High-Tech Bridge discovered two SQL injection vulnerabilities in All In One WordPress Security and Firewall plugin and notified the vendor.
Android devices in Korea have primarily been impacted by the malware.
Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.
Trend Micro first alerted the public to the backdoor affecting Netis and Netcore brand routers.
Protecting your organization from attacks brought into the system by email is an ongoing challenge, says Peter Stephenson, technology editor.
The interruption of the cyberattack kill chain through the use of intelligence-driven security has been touted as the better way forward.
Today's CISO must stay ahead of attackers, says Gene Fredriksen, CISO at PSCU. Teri Robinson talks one on one with the industry veteran.
Sign up to our newsletters
SC Magazine Articles
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- New attack uses ransomware to drop trojans and keyloggers
- 'GHOST' bug in Linux library enables remote takeover of victim's system
- Firm finds link between Regin spy tool and QWERTY keylogger
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history