Sally Beauty confirms that customer data was accessed in breach
After initially finding “no evidence” that customer card data was taken after a breach, Sally Beauty has now confirmed that fewer than 25,000 records containing card data were illegally accessed by intruders.
IBM claims no data or source code was handed over to NSA
In an open letter to its clients, the software and IT services giant made some weighty assurances that it has not helped the government spy agency obtain customer data through contested surveillance programs.
25,000 servers infected by “Operation Windigo” to bolster a malware campaign
Attackers have been able to sustain a far-reaching spam and malware campaign by using a backdoor trojan to compromise thousands of Unix and Linux servers, according to a white paper published by ESET.
Three indicted for roles in global cyber crime scheme
Three men received charges in a New Jersey District Court for their alleged roles in a cyber crime scheme that attempted to defraud companies, their customers, and the IRS. The ruse made them more than $15 million.
$30 RAT, WinSpy, involved in two phishing campaigns
Two phishing campaigns have been uncovered by experts at FireEye. The operations involve a remote administration tool known as WinSpy. The malware sells for $30 and comes packaged with an Android component known as GimmeRAT.
Two-year-old PHP bug still being exploited via unpatched servers
Researchers with Imperva discovered that a PHP vulnerability originally disclosed in March 2012 is still impacting unpatched servers. More than 80 percent of all websites on the internet are written in the server-side scripting language.
Breaches, malware to cost $491 billion in 2014
A join study from IDC and the National University of Singapore indicates that enterprises around the globe will spend around $500 billion in 2014 on making fixes and recovering from data breaches and malware.
NSA hacks system admins to gain access through gatekeepers
The latest Edward Snowden leaks reveal that after collecting the email or social media accounts of system admins, the National Security Agency (NSA) uses its arsenal of surveillance tools to hack these network gatekeepers.