GroupSense researchers investigating an email address affiliated with Russia's Internet Research Agency for evidence of a botnet meant to exert influence on public opinions.
Cybercriminals waste no time breaking into experimental honeypot designed to look like ICS environment
A research honeypot set up to look like an electric company's power transmission substation network was compromised by a dark web hacker within two days of it going online.
A recently developed methodology for identifying Twitter bot accounts in large quantities has turned up a cryptocurrency scam botnet operation that leverages at least 15,000 bots to submit bogus tweets and likes.
The average bug bounty reward for finding critical vulnerabilities increased year-over-year by six percent from $1,923 to $2,041, according to statistics compiled from HackerOne's bug disclosure platform between May 2017 and April 2018.
Academic researchers say they have invented a transmitter that can secure billions of Internet of Things products by individually scattering each bit of data that a device wirelessly sends out onto different radio frequency channels, thus preventing attackers from intercepting a full packet and manipulating its data.
Fifty-eight percent out of 100 senior health care executives whose companies were involved in a recent merger or acquisition said in a new survey that their particular organization uncovered a cybersecurity problem with its newly annexed business after the deal was already consummated.
Using honeypots, internet scanning and connections to active nodes, researchers have estimated that anywhere from 0.6 to two percent of the entire Bitcoin network engages in suspicious or malicious behavior on a given day.
Ransomware was the most commonly detected malware in data breaches and related security incidents last year, climbing from fourth overall in 2016 and all the way from the 22nd spot five years ago, according to Verizon's just released 2018 Data Breach Investigations Report.
GAO report recommends stronger security controls for third parties that receive Medicare beneficiary data
The U.S. Government Accountability Office (GAO) last week publicly released a report warning that the Centers for Medicare and Medicaid Services (CMS) has failed to provide specific security controls guidance to research organizations with whom it shares Medicare beneficiary data.
An analysis of 26 email domains managed by the Executive Office of the President found that all but one of them lack sufficient DMARC protections against spoofing used in phishing and spam campaigns.
Health care device manufacturer Natus Medical Incorporated has reportedly updated the software used in its Xltek EEG products, which monitor brain activity, after a researcher discovered five vulnerabilities that a remote, unauthenticated attacker could exploit to trigger code execution of a denial of service condition.
The number of malicious bots circulating around the internet and impacting website performance increased by 9.5 in 2017, accounting for 21.8 percent of all traffic, according to a new report today from bot detection and mitigation firm Distil Networks, based on data collected from its global network.
Each time a user doubles the amount of time he spends visiting illegal torrent and streaming websites, the malware count on his machine jumps another 20 percent, according to an academic paper released earlier this month.
Survey: Government workers fear doctors and dentists over data breaches; ghosts and aliens not far behind
A recent survey of 110 U.S. government employees who hold a security clearance at their organization found that more respondents listed heights, food poisoning and doctor/dentist visits as one of their biggest fears than having their company's files stolen in a breach.
Researchers from IOActive have developed a proof-of-concept attack that turns ordinarily benevolent robots into malicious, money-grubbing automatons who demand bitcoin as a ransom payment.
An academic paper published last month presents 10 previously undiscovered vulnerabilities in the 4G LTE wireless protocol, including one that researchers say allows unauthenticated attackers to spoof the location of a legitimate user to the network, and another that reportedly can be used to distribute fake emergency messages.
An independent risk assessment conducted this month found that the security posture of U.S. government contractors was markedly worse than the federal agencies that use these third-party services, suggesting contractors must raise their game and bridge the gap.
Academic researchers have reported vulnerabilities in the group communication protocols of three encrypted messaging apps -- WhatsApp, Signal, and Threema -- that could allow attackers to willfully subvert their integrity and confidentiality.
Eight banking apps and one virtual private app were found to contain a hidden vulnerability in their TLS protections, which can be exploited to perform MITM attacks, according to academic researchers who created a new black-box tool capable of detecting the flaw.
Researchers with ClearSky Cyber Security believe with medium-level confidence that they have linked three individuals to the Iranian advanced persistent threat group Charming Kitten, including the man accused of hacking and extorting HBO.
On average, organizations suffer a critical IT incident five times per month, with each one costing a mean of $141,628, according to a Quocirca/Splunk study. Another study, from Ponemon Research/Radware, found that 45 percent of 600 surveyed CISOs experienced a data breach in the last year.
Russian dark web marketplace Ultimate Anonymity Services was recently observed selling more than 35,000 compromised RDP servers, which cybercriminals can leverage to anonymize themselves or to directly access victims' networks.
Russian cybercriminals looking to anonymize their identities while engaging in illegal activity have a few new or improved tools to choose from, according to researchers from Flashpoint.
The ransomware infection that disrupted Hollywood Presbyterian Medical Center and the worldwide WannaCry attack in 2017 caused an ethical and philosophical rift among members of the Russian and Eastern European cybercriminal community.
Researchers have demonstrated a way for remote attackers to exfiltrate data from and send malicious commands to air-gapped networks, using surveillance cameras.
According to McAfee's 11th annual Most Dangerous Celebrities study, online searchers for the Canadian singer result in more malicious websites than searchers for any other famous personality.