Web Security News, Articles and Updates
A letter has gone out to customers of Jerry's Artarama advising that its online portal "may have been attacked" by a hacker and customer information "may have been compromised."
Personal information of Illinois voters is believed to have been siphoned in a cyberattack, possibly of foreign origin.
Troy Hunt, an Australian researcher, tweeted out a warning of a dump of some 71,000 user accounts leaked from MinecraftWorldMap.com.
Several web pages associated with the former file-sharing site Megaupload - seized by the FBI over four years ago in an online piracy investigation - are now serving up pornographic content and junk ads.
A Chinese certificate authority mistakenly handed out legitimate user certificates for Github and the University of Central Florida (UCF) to a couple of unauthorized users.
Opera is alerting customers of its web browser that its sync system was breached.
Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.
Although a ransomware attack hit the city of Sarasota, Fla. in February, owing to an ongoing criminal investigation, details of the attack are only now being revealed.
Tarah Wheeler, whom Symantec recently hired as principal security advocate and senior director of engineering for its Website Security team, is reportedly pledging to foster ties with the independent hacker community.
In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.
WikiLeaks' practice of delivering unfiltered information to its readers backfired after a researcher discovered that its collection of leaked Turkish government emails contained over 300 active links to malware files hosted on the controversial site.
Software company Lavians Inc. is offering free utilities applications for download that actually contain the Bing.vc browser hijacker software, Intel's McAfee Labs warned in a blog post yesterday.
As the FBI investigation into the hack of the Democratic National Committee broadens, it is being reported that the private email accounts of Hillary Clinton and more than 100 Democratic officials also have been breached.
Spyware that was recently found to have infiltrated Vietnam Airlines has also embedded itself in the website operations of various Vietnamese institutions, warned cybersecurity firm Bkav, the Vietnam News Agency reported.
The website hosting the online form for Australia's national census was brought down by a series of DDoS attacks on Tuesday, temporarily preventing some of the country's citizens from participating in the population survey.
Facebook users are being lured into giving up their credentials in response to alarming messages about terror incidents and celebrity deaths.
Michael Phelps is a world champion in the swimming pool, but on the Internet he just got blown out of the water by an apparent distributed denial of service (DDoS) attack that shut down his commercial website.
In an analysis of five separate manufacturers' web servers running on the new HTTP/2 protocol, cybersecurity firm Imperva found that all five were vulnerable to at least one of four high-profile denial-of-service vulnerabilities.
A new technique unveiled at Black Hat can attack the SSL/TLS and other secure channels purely in the browser.
Version 48 of the Mozilla's web browser Firefox has just been released offering new features intended to improve the stability and security of the browsing experience.
Cybersecurity expert Dan Kaminsky called upon members of the information security community to more openly share innovations, ideas and code to preserve the Internet and its freedoms before they are "regulated into destruction."
The upcoming contest could prove more problematic than ever for IT security professionals.
Google has enhanced encryption on its google.com domain with the rollout of HTTP Strict Transport Security (HSTS).
Several websites using the FreeDNS hosting service from NameCheap have had visitors redirected to malicious, cloned sites via an IP address that once hosted command-and-control servers for the Conficker worm.
Today sees the end of free upgrades to Windows 10. Security requirements drove twice as many organisations in EMEA (28 percent) to upgrade to Windows 10 compared to North America (14 percent).
A robust underground marketplace for the sale of stolen products from compromised accounts as well as shady online services has been detected in Russia.
A researcher earned $10,080 from Twitter's bug bounty program after discovering he could access a supposedly private online registry that led him to the complete source code for Twitter's Vine video-sharing service.
White hat hackers seeking a $20,000 bug bounty were able to gain remote code execution and tap into the inner workings of popular porn site Pornhub.
Google has removed a group of malicious browser extensions from its Chrome Web Store, after an independent researcher discovered the programs were hijacking users' Facebook accounts for click-fraud purposes.
Researchers at Sucuri has uncovered a sampling of novel e-commerce attacks that combine the classic duplicity of phishing schemes with the insidiousness of malicious webpage redirects.
SC Magazine Articles
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Voter databases in two states breached by foreign hackers, FBI
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet
- Ransomware: The evolution of cybercrime, a roundtable
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- SWIFT warns of new attacks, pushes for security upgrades
- Paypal users targeted in new angler phishing scam, Proofpoint report
- Dropbox commended for its handling of massive data breach involving 68M users
- Google refuses to patch alleged login page flaw
- RIPPER malware suspected behind $350K Thailand ATM heist, report