Academic researchers have reported vulnerabilities in the group communication protocols of three encrypted messaging apps -- WhatsApp, Signal, and Threema -- that could allow attackers to willfully subvert their integrity and confidentiality.
Eight banking apps and one virtual private app were found to contain a hidden vulnerability in their TLS protections, which can be exploited to perform MITM attacks, according to academic researchers who created a new black-box tool capable of detecting the flaw.
Researchers with ClearSky Cyber Security believe with medium-level confidence that they have linked three individuals to the Iranian advanced persistent threat group Charming Kitten, including the man accused of hacking and extorting HBO.
On average, organizations suffer a critical IT incident five times per month, with each one costing a mean of $141,628, according to a Quocirca/Splunk study. Another study, from Ponemon Research/Radware, found that 45 percent of 600 surveyed CISOs experienced a data breach in the last year.
Russian dark web marketplace Ultimate Anonymity Services was recently observed selling more than 35,000 compromised RDP servers, which cybercriminals can leverage to anonymize themselves or to directly access victims' networks.
Russian cybercriminals looking to anonymize their identities while engaging in illegal activity have a few new or improved tools to choose from, according to researchers from Flashpoint.
The ransomware infection that disrupted Hollywood Presbyterian Medical Center and the worldwide WannaCry attack in 2017 caused an ethical and philosophical rift among members of the Russian and Eastern European cybercriminal community.
Researchers have demonstrated a way for remote attackers to exfiltrate data from and send malicious commands to air-gapped networks, using surveillance cameras.
According to McAfee's 11th annual Most Dangerous Celebrities study, online searchers for the Canadian singer result in more malicious websites than searchers for any other famous personality.
A catastrophic worldwide cyberattack and the emergence of an IoT-enabled surveillance state were among the chief security and privacy fears expressed by experts polled for a new report about the internet and its future impact.
Mobile users who substitute their damaged phone touchscreens or other hardware components with third-party replacements could be infecting their phones with malicious components that could allow attackers to completely compromise the device.
Users of online dating apps could end up the target of spear phishing and social engineering scams, especially when these services make one's personal information accessible to virtually anyone, Trend Micro researchers have warned.
Of 100 infosecurity professionals surveyed, 34 percent fingered Russia as the biggest threat to cybersecurity in the U.S., followed closely by organized crime at 33 percent, according to a Cylance blog post.
Researchers deliberately get phished, learn that account exploitation often takes more than 24 hours
Researchers at Imperva recently set up fake online accounts and intentionally allowed themselves to be phished by scammers in order to observe how behavior cybercriminals act after they come into possession of a victim's credentials.
In a recent survey of 360 infosec professionals, 57 percent of respondents said that they work on weekends, while 29 percent said they work at least ten hours a day.
In a recent M&A survey focused on the software industry, 52 out of 100 senior global executives confirmed that their companies inherited cybersecurity problems from a software business that they either merged with or acquired.
Despite their anonymity, sites and services hidden on the dark web are not immune to cyberattacks, as recently demonstrated by a group of researchers who coaxed cybercriminals into attacking fake Tor sites in order to study their behavior.
Only 49 percent of surveyed U.S. executives expect to spend more on cybersecurity in a year's time, despite a 56-percent majority expecting the number of data breach attempts to rise in 2018, according to a new research study.
The U.S. suffered 34 percent of global ransomware infections last year - and it's no wonder why, with 64 percent of Americans willing to pay to retrieve their encrypted files, compared to 34 percent of victims worldwide, according to Symantec.
Researchers in the UK have uncovered a technique for malicious websites to spy on smart device owners and even decipher their screen touches and PIN number entries by secretly monitoring their devices' sensor data.
In a recent poll of more than 1,200 Americans, 92 percent agreed that Internet providers should not be allowed to monitor their activity online and sell that data to third parties without consent -- a strong indictment of Senate Joint Resolution 34, which lifted FCC restrictions that would have prevented ISPs from engaging in this practice.
West Africa may be on the verge of developing its own fully realized underground cybercrime market, buoyed by a combination of traditional 419 advance-fee fraudsters and more sophisticated actors that prefer business email compromise and tax scams.
An analysis of two DHS reports focusing on Russia's reputed interference in the 2016 U.S. election revealed common bonds between the infamous hacking campaign, dubbed Grizzly Steppe, and activity by the Carbanak cyber gang. However, an expert with ESET doesn't think the overlap is significant.
Eighty-eight percent of hackers surveyed at the 2016 DEF CON conference claimed they can compromise a target in less than 12 hours, while 81 percent said they can identify and exfiltrate a target's data in the same amount of time.
The number of cyberattacks targeting financial institutions and their customers soared to new heights in 2016, according to Kaspersky Lab, which observed nearly 1.09 million banking trojan attacks on users in 2016.