Login | Help | Retrieve Data

Archive: Data Security News

Home > Data Security News Archive

Data Security News Archive

How RAM Scraper Malware Stole Data from Target, Neiman Marcus

January 14, 2014 — While Target is still keeping mum on how attackers managed to breach its network and hoover up information belonging to more than 70 million shoppers, we now know that RAM scraping malware was used in the attack… [Read more at PCMag]

RIP, information security, done in by backdoors and secret deals

January 13, 2014 — It seems that the very tools we use to secure our networks represent the greatest insider threat of all… [Read more at InfoWorld]

Cisco promises to fix admin backdoor in some routers

January 13, 2014 — Cisco Systems promised to issue firmware updates removing a backdoor from a wireless access point and two of its routers later this month. The undocumented feature could allow unauthenticated remote attackers to gain administrative access to the devices… [Read more at InfoWorld]

Gamers targeted by hackers, Kaspersky Labs warns

January 12, 2014 — Kaspersky Lab experts have discovered that PC gamers around the globe were hit by 11.7 million attacks in 2013… [Read more at PCWorld]

More retailers reportedly victims of holiday data breaches

January 12, 2014 — At least three other US retailers suffered unpublicized attacks similar to the one on Target, Reuters reports… [Read more at CNET]

Neiman Marcus Notifying Customers After Card Data Breach

January 11, 2014 — Neiman Marcus has been notifying customers of a data breach after hackers stole merchant card information for an undisclosed number of shoppers… [Read more at CIO]

Yahoo says malware attack farther reaching than thought

January 11, 2014 — The company posts guidelines for Yahoo users worried about infection and says people outside Europe may have been hit. It also says the attacks went on longer than previously reported… [Read more at CNET]

McAfee Security Report Suggests 2014 Will Be a Rough Year

January 10, 2014 — Smartphones, social networks, PCs, servers, cloud services, governments and national infrastructure all face security risks in 2014, according to the latest McAfee security report. On, and virtual currencies are being used to fund serious crimes… [Read more at CIO]

Yahoo Malvertising Attack Linked to Larger Malware Scheme

January 9, 2014 — Cisco found hundreds of related suspicious domains that are probably used to push malware… [Read more at CIO]

Default Settings Leave External Hard Drives Connected to Asus Routers Wide Open

January 9, 2014 — Private files can be accessed over the Internet by anyone with basic knowledge… [Read more at CIO]

Leaked NSA Hacking Tools, Tactics, In Focus

January 8, 2014 — Enterprises worry about NSA 'copycat' spying scenarios… [Read more at Dark Reading]

Cybercrooks developing dangerous new file-encrypting ransomware, researchers warn

January 7, 2014 — The new threat from PowerLocker might be even more difficult to remove than CryptoLocker, which plagued users in recent months… [Read more at InfoWorld]

When Websites Attack

January 7, 2014 — Windows threats like Cryptolocker and ZeroAccess get all of the attention, but malware targeting (Linux) Web servers continues to evolve… [Read more at Dark Reading]

Hacker Guccifer strikes again, nabbing 'Downton Abbey' script

January 7, 2014 — Not only did the hacker get a hold of Julian Fellowes' season 4 finale, he also breached the accounts of Leonardo DiCaprio, Tina Brown, George W. Bush, Robert Redford, and dozens more… [Read more at CNET]

Bad Ads on Yahoo Infected Thousands of Users With Malware

January 5, 2014 — Thousands of users who visited Yahoo's Web site over the past week were infected with malware… [Read more at PCMag]

7 InfoSec Predictions For 2014: Good, Bad & Ugly

January 3, 2014 — First, the bad news: Windows XP doomsday, escalating ransomware, botnet-driven attacks, emerging SDN threats. The good news: Threat intelligence goes mainstream… [Read more at InformationWeek]

Target's Christmas Data Breach

December 26, 2013 — A week after Target's breach and probable compromise of 40 million credit and debit card details, there appears to be little new public information as to how the attack occurred and what remedies Target has taken to prevent it from happening again… [Read more at Dark Reading]

Cyber Monday And The Threat Of Economic Espionage

December 8, 2013 — All signs point to such an event becoming a very real possibility… [Read more at Dark Reading]

November 5, 2013 — Even if your company is not a primary target, hackers may be using you to get to the big fish. Here's how to protect your servers without breaking the bank… [Read more at InformationWeek]

Criminals Exploit Microsoft Office Zero-Day Flaw

November 8, 2013 — At least two sets of attackers have been using malicious Office documents to exploit the graphics processing vulnerability… [Read more at InformationWeek]

11 sure signs you've been hacked

November 4, 2013 — Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned… [Read more at InfoWorld]

Federal Security Breaches Traced to User Noncompliance

October 17, 2013 — In an effort to lock down agency data and control access points, cybersecurity professionals in the federal government fail to consider the experience of end users, who say security policies are burdensome and often resort to workarounds… [Read more at CIO]

Hackers Steal Customer Information From PR Newswire

October 17, 2013 — The stolen data includes account credentials and contact information… [Read more at CIO]

Security spending continues to run a step behind the threats

October 16, 2013 — Survey finds breaches and associated costs continue to rise… [Read more at CSO]

The Long Shadow Of Saudi Aramco

October 14, 2013 — New threats, realities of targeted attacks forcing oil and gas companies to rethink and drill down on security… [Read more at Dark Reading]

Insider threats and how they can be mitigated

October 14, 2013 — Any employee with access to sensitive data is a potential threat, whether they know it or not. Even if they don't have malicious intentions, the inherent nature of their privilege is what makes them so dangerous… [Read more at CSO]

Backdoor Found in D-link Router Firmware Code

October 14, 2013 — The backdoor could be used to modify a router's settings, a dangerous vulnerability… [Read more at CIO]

Cyberthreats Grow More Ominous: Former NSA Chief

October 11, 2013 — Microsoft's Craig Mundie, former NSA and CIA chief Gen. Michael Hayden and other experts say cybersecurity attacks are getting more dangerous… [Read more at InformationWeek]

New NIST cybersecurity standards could pose liability risks

October 11, 2013 — Once passed, the standard will become the benchmark to measure critical infrastructure security programs… [Read more at ComputerWorld]

Cybercrime Costs Skyrocket

October 8, 2013 — U.S. businesses now face average annual costs of $11.6 million to combat cybercrime, says study… [Read more at InformationWeek]

Pirated Software May Contain Malware

August 1, 2013 — Today, the National Intellectual Property Rights Coordination (IPR) Center is warning the American people about the real possibility that illegally copied software, including counterfeit products made to look authentic, could contain malware… [Read more at FBI.gov]

Cyberespionage Operators Work In Groups, Process Enormous Data Workloads

June 13, 2013 — A group of Taiwanese researchers peer into the operations center of a group behind one large espionage campaign… [Read more at Dark Reading]

Federal Agencies Graded On Cybersecurity

June 11, 2013 — White House report on cybersecurity goals shows agencies are making progress to keep federal IT systems safe, but they might miss 2014 targets… [Read more at InformationWeek]

Android Trojan Looks, Acts Like Windows Malware

June 7, 2013 — .Android Trojan "Odad.a" rivals Windows malware in the harm it can do to mobile device users, say experts… [Read more at InformationWeek]

Chinese hackers reportedly stole Obama and McCain documents

June 6, 2013 — During the 2008 presidential campaign, top-level staffers' laptops were infiltrated with malware that allowed alleged Chinese hackers to steal internal documents, files, and e-mails… [Read more at CNET]

Negligence, Glitches Push Up Cost Of Breaches Worldwide

June 5, 2013 — But U.S. breach costs on downward trajectory, reports eighth annual Ponemon study… [Read more at Dark Reading]

Zeus Bank Malware Surges On Facebook

June 5, 2013 — .Old threat makes a comeback, targeting Facebook users' bank credentials and more… [Read more at InformationWeek]

Mistakes Approach Malice As Data Breach Cause

June 5, 2013 — Malicious attacks are the leading cause of data breaches, but employee and contractor errors are a growing reason, study finds… [Read more at InformationWeek]

'NetTraveler' Cyberespionage Campaign Uncovered

June 4, 2013 — Nearly decade-old attack also has links to other APT groups, infrastructure… [Read more at Dark Reading]

New Chinese hacker group targets governments and nuclear facilities

June 4, 2013 — There's another Chinese spy hacker group on the scene targeting governments and research firms, according to a new report by a cybersecurity firm… [Read more at CNNMoney]

Strengthening Enterprise Defenses With Threat Intelligence

June 3, 2013 — By integrating security monitoring with threat intelligence, organizations can build a smarter defense… [Read more at Dark Reading]

Moving Safely From Detection To Automated Action

June 3, 2013 — Companies that fail to make the most use of automation put themselves at risk, yet doing it wrong can lead to business disruptions… [Read more at Dark Reading]

Photo-sharing programs used by cyber-criminals to attack computers

May 30, 2013 — The FBI has seen an increase in cyber-criminals who use online photo-sharing programs to perpetrate scams and harm victims’ computers… [Read more at GSN]

5 Big Database Breaches Of Spring 2013

May 30, 2013 — Learning from the most recent impactful breaches of 2013… [Read more at Dark Reading]

China's military to train on digital warfare

May 29, 2013 — Amid rising concern in the U.S. over China's role in cyberattacks, the latter is expanding its focus on virtual combat… [Read more at CNET]

3 Lessons From Layered Defense's Missed Attacks

May 29, 2013 — Research shows that combining two security products produces widely different improvements in security… [Read more at Dark Reading]

Chinese Hackers Stole U.S. Military Secrets

May 28, 2013 — "Cyber exploitation" campaign obtained information relating to 29 weapon systems and 21 areas of cutting-edge research… [Read more at InformationWeek]

Signs Of A Shift To Intel-Driven Defense

May 28, 2013 — Organizations such as AIG move away from operations-based to intelligence-driven security strategies, emerging technologies… [Read more at Dark Reading]

Chinese hackers reportedly accessed U.S. weapons designs

May 27, 2013 — More than two dozen advanced weapons systems are said to have been accessed… [Read more at CNET]

Zeus Trojan Makes a Comeback After Months of Silence

May 27, 2013 — The Zeus banking Trojan is back, with new code and capabilities… [Read more at PCMag]

Iranian Cyber-Attackers Target US Energy Companies

May 25, 2013 — Cyber-attackers backed by the Iranian government have breached and infiltrated several US-based energy companies… [Read more at PCMag]

Layered defenses largely fail to block exploits, says NSS

May 24, 2013 — Research lab finds a mix of products from different vendors is best for 'defense in depth'… [Read more at CSO]

Is protecting intellectual property from cyberthieves futile?

May 23, 2013 — Experts gathering to discuss intellectual-property theft say that a fix will require the application of economic sanctions, not just more technology… [Read more at CNET]

New startups prime targets for cyberattacks

May 23, 2013 — Startups take note: Cybercriminals are onto you… [Read more at CNNMoney]

Malware-splosion: 2013 Will be Malware's Biggest Year Ever

May 23, 2013 — According to the German security company AV-Test, malware has exploded in the past five years to unprecedented levels… [Read more at PCMag]

The wide world of hacking in China

May 23, 2013 — The Chinese have been known to be experts at hacking for quite some time. But what might surprise some is that it's epidemic across the country in all levels of society… [Read more at CNET]

Researchers find more versions of digitally signed Mac OS X spyware

May 23, 2013 — The malware is connected to Indian cyberespioange operation and has been active since at least December 2012, researchers say… [Read more at InfoWorld]

Even SMBs Should Look To Log Management For Security

May 21, 2013 — A firewall, patch procedure, anti-malware and, possibly, an IDS are a good start. But to detect breaches, small and medium businesses should focus on logging activity and looking out for suspicious behavior… [Read more at Dark Reading]

APT Attacks Trace To India, Researcher Says

May 21, 2013 — Multi-year hacking campaign targeted mining companies, legal firms, Pakistan, Angolan dissidents and others in Pakistan, the U.S., Iran, China and Germany… [Read more at InformationWeek]

Google Aurora Hack Was Chinese Counterespionage Operation

May 21, 2013 — Attackers were after U.S. government surveillance requests for undercover Chinese operatives, say former government officials… [Read more at InformationWeek]

Power utilities claim 'daily' and 'constant' cyberattacks, says report

May 21, 2013 — A report out of Congress outlines the increased hacks on power grid computer systems, noting that one utility faces 10,000 attempted cyberattacks per month… [Read more at CNET]

Cyber-Espionage Campaign Targets Over 100 Countries

May 21, 2013 — An ongoing cyber-espionage operation, dubbed Safe, targeted various organizations in more than 100 countries… [Read more at PCMag]

Watch out for waterhole attacks -- hackers' latest stealth weapon

May 21, 2013 — It's time to learn about waterhole attacks, where sites with tailored malware await visits by certain companies' employees… [Read more at InfoWorld]

Google breach may have led to sensitive data leaks

May 20, 2013 — Chinese hackers were blamed for breaking into Google's servers in 2010; now, U.S. officials say these cyberattacks may have led to the release of secret government information… [Read more at CNET]

Mass Customized Attacks Show Malware Maturity

May 15, 2013 — The malware universe is typically divided into targeted attacks and mass, opportunistic attacks, but a middle category -- mass customized malware -- poses a more serious threat for business… [Read more at Dark Reading]

3 Big Mistakes In Incident Response

May 13, 2013 — How not to respond to a cyberattack… [Read more at Dark Reading]

Hacking Higher Education

May 13, 2013 — The cybersecurity challenge on college campuses lies as much with the students as with malicious outsiders… [Read more at InformationWeek]

Washington State Courts Reveal Security Breach

May 10, 2013 — State officials don't know when attackers accessed up to 160,000 Social Security and 1 million driver's license numbers stored in unencrypted format… [Read more at InformationWeek]

U.S. charges 8 in $45M global cybercrime scheme

May 9, 2013 — New York-based cell used information gleaned from two hacks to create bogus debit cards to quickly steal millions from bank machines in Manhattan… [Read more at CNET]

Convenience Store Chain Hacked, Customer Payment Data At Risk

May 7, 2013 — MAPCO Express says the FBI is investigating a breach that exposed customer financial data in its stores … [Read more at Dark Reading]

Pentagon accuses China of cyberattacks on U.S military, business targets

May 7, 2013 — Stolen data is used to ramp up China's military and high tech industries, Defense Department says in report to Congress… [Read more at ComputerWorld]

Internet Explorer 8 Zero Day Exploit Targeted Nuclear Workers

May 6, 2013 — Security researchers discovered an exploit in Internet Explorer 8 that allowed attackers to execute malicious code on a victim's computer… [Read more at PCMag]

Systems Manager Arrested for Hacking Former Employer's Network

May 3, 2013 — He allegedly caused over US$90,000 in damages, the FBI said… [Read more at CIO]

China Tied To 3-Year Hack Of Defense Contractor

May 2, 2013 — U.S. defense contractor QinetiQ ignored persistent attack warning signs, lost terabytes of secret information, say investigators… [Read more at Dark Reading]

Printers, routers used as bots in DDoS attacks

May 1, 2013 — Network-connected devices have vulnerable protocols that allow them to be easily manipulated, Prolexic says… [Read more at ComputerWorld]

Five Habits Of Highly Successful Malware

May 1, 2013 — It's no secret that malware is dodging defenses; security experts pinpoint successful strategies, including the use of real-time communications, frequent disguises, and laying low… [Read more at Dark Reading]

U.S. Labor Dept. Website Hacked, Serves Malware

May 1, 2013 — Attack bears strong similarities to previous campaigns executed by Chinese APT attack group "DeepPanda," reports security expert… [Read more at InformationWeek]

Survey raises specter of massive enterprise software insecurity

Apri 30, 2013 — Annual Sonatype survey suggests enterprise app developers are leaving huge security holes with use of open source components… [Read more at InfoWorld]

Chinese Cyberespionage: Brazen, Prolific, And Persistent

April 30, 2013 — New research from multiple sources illustrates dominant role of China in cyberespionage… [Read more at Dark Reading]

Darkleech Apache Attacks Intensify

April 30, 2013 — Security researchers discover hard-to-detect, memory-resident Linux malware compromising Apache servers and redirecting browsers to other infected sites… [Read more at InformationWeek]

Recent Breaches More Likely To Result In Fraud

April 29, 2013 — A victim whose data is stolen in the past year will have a 1-in-4 chance of becoming a fraud victim as well, says Javelin's latest breach analysis… [Read more at Dark Reading]

Big Data Makes A Big Target

April 29, 2013 — LivingSocial.com is another in a long line of "big scores" for data attackers… [Read more at Dark Reading]

LivingSocial Password Breach Affects 50 Million Accounts

April 27, 2013 — Cyber-attackers recently breached LivingSocial's systems and illegally accessed customer information for more than 50 million users… [Read more at PCMag]

Hackers increasingly target shared Web hosting servers for use in mass phishing attacks

April 26, 2013 — Nearly half of phishing attacks seen during the second half of 2012 involved the use of hacked shared hosting servers, APWG report says… [Read more at InfoWorld]

More malware discovered from drone cyberattacks

April 24, 2013 — Despite the exposure of the cyberespionage, Operation Beebus is still active, although its infrastructure has changed… [Read more at CSO]

Cyber scammers fake out Google Play with bogus ad network

April 22, 2013 — Bad guys loaded Google Play with 32 Android apps that, once installed, pull malicious payloads from remote servers… [Read more at InfoWorld]

Chinese Cyberattacks Skyrocket in 2012, But What Does it Mean?

April 22, 2013 — This year, a large uptick in espionage attacks linked to China paints a scary, if somewhat warped, picture… [Read more at PCMag]

Symantec Internet Security Threat Report reveals spike in cyber-espionage

April 16, 2013 — Symantec Corp.’s Internet Security Threat Report on April 16 revealed a 42 percent surge during 2012 in targeted attacks… [Read more at GSN]

Symantec report finds small businesses battered by cyber crime

April 16, 2013 — Companies with 250 employees or less absorbed 18 percent of targeted cyber attacks in 2011 but 31 percent in 2012… [Read more at InfoWorld]

Control system hack at manufacturer raises red flag

April 9, 2013 — US-CERT find leads to concerns across a broad array of industries, including military and hospitals… [Read more at CSO]

Wells Fargo site hit by denial-of-service attack

March 27, 2013 — The bank's Web site was the victim of a cyberattack yesterday, though the company says its physical branches and ATMs weren't affected… [Read more at CNET]

Malware Developers Hijack Chromium Framework

March 26, 2013 — Malware developers have been using a free Web browser control framework to make their malicious code easier to create and maintain… [Read more at InformationWeek]

Think layers of security is all that? Think again

March 26, 2013 — Of 1,800 serious malware NSS Labs tested, some always managed to get through -- no matter what combination of protection was used… [Read more at CSO]

Boring Malware Sneaks By Antivirus Sandboxing

March 25, 2013 — Performing dynamic analysis of unknown software in a controlled environment—or "sandboxing"—is a powerful tool security professionals use to flush out malware. However, the bad guys are wise to the technique and have been introducing new tricks to break out of the sandbox and into your system… [Read more at PCMag]

Small Suppliers Must Beef Up Security

March 25, 2013 — Attacks on small- and midsized businesses are on the rise, particularly against those firms supplying--and thus having access to--larger companies… [Read more at Dark Reading]

Top Chinese university linked to alleged military cybercrime unit

March 23, 2013 — Reuters has turned up a research connection between Shanghai Jiaotong University and the People's Liberation Army unit suspected of participation in cyberattacks on the West… [Read more at CNET]

Hackers Eavesdrop Using Legitimate Remote Control Software

March 23, 2013 … For a decade, "TeamSpy" cyber espionage campaign has used TeamViewer software already installed on PCs to eavesdrop on communications and steal data from targets in Eastern Europe… [Read more at InformationWeek]

Chameleon botnet steals $6M per month in click fraud scam

March 19, 2013 — More than 120,000 Windows-based computers running Internet Explorer 9 are infected in the U.S., researchers say… [Read more at CNET]

Rent, Buy, or Lease? Exploit Toolkits A La Carte

March 19, 2013 — Gone are the days when cybercrime was a pastime of mischievous teenagers. Cybercrime has evolved into a complex enterprise complete with leaders, engineers, infantry, and money mules… [Read more at PCMag]

What 420,000 insecure devices reveal about Web security

March 18, 2013 — Using a simple technique, a researcher creates a benign botnet to survey the breadth of the Internet, and finds a back door flung wide open and beckoning the bad guys… [Read more at CNET]

U.S. National Vulnerability Database Hacked

March 14, 2013 — The central database of vulnerability and related security information, maintained by NIST, remains down due to malware discovered on the site and traced, ironically, to a software vulnerability… [Read more at Dark Reading]

Security appliances are riddled with serious vulnerabilities, researcher says

March 14, 2013 — Companies should not assume that security products are implicitly secure, the researcher said… [Read more at CSO]

Medical Industry Under Attack By Chinese Hackers

March 14, 2013 — Sykipot, VOHO targeted attack campaigns hit medical industry, and cyberspies also after business-process intel… [Read more at Dark Reading]

Intelligence chief offers dire warning on cyberattacks

March 12, 2013 — Director of National Intelligence James Clapper presents his yearly congressional report on security threats facing the nation. Cyberattacks appear for the first time -- and get top billing… [Read more at CNET]

White House demands China cease alleged hacking activity

March 11, 2013 — Obama's national security adviser says China must end recent cyberespionage traced to back to that country or risk impacting relations with the U.S.… [Read more at CNET]

U.S. Cybersecurity Status Weak, Reports Charge

March 7, 2013 — DOD report says the military is "not prepared" for cyber war, while a White House report says agencies fall short of federal cybersecurity goals… [Read more at InformationWeek]

Prices fall, services rise in malware-as-a-service market

March 4, 2013 — Webroot has seen starting prices for a U.S. botnet fall from $200 to $120, thanks to competition, the company says… [Read more at InfoWorld]

Anonymous Takes On State Department, More Banks

February 19, 2013 — Hacktivist group says it will release work email addresses for more than 170 U.S. State Department employees in fifth round of Operation Last Resort attacks… [Read more at InformationWeek]

Retailers a prime target for cybercriminals in 2012

February 14, 2013 — Nearly half of the attacks investigated by the company were aimed at retailers, says Trustwave… [Read more at CSO]

Your antivirus software probably won't prevent a cyberattack

January 31, 2013 — During a four-month long cyberattack by Chinese hackers on the New York Times, the company's antivirus software missed 44 of the 45 pieces of malware installed by attackers on the network… [Read more at CNNMoney]

Pentagon to boost Cyber Command fivefold, report says

January 28, 2013 — Faced with rising cyberattack numbers and heckling by the likes of Anonymous, the Pentagon has decided to increase its staffing from 900 to 4,900 workers, according to the Washington Post… [Read more at CNET]

Corporations bring a 'knife to a gun fight' amid cyberattacks

January 25, 2013 — According to a new report, denial-of-service attacks rose by a staggering 170 percent last year, and corporations need to learn how to better defend themselves… [Read more at CNET]

'Cyber 9/11' may be on horizon, Homeland Security chief warns

January 24, 2013 — With the possibility of a massive cyberattack hitting the U.S. in the near future, Homeland Security Secretary Janet Napolitano urges the government to pass cybersecurity legislation… [Read more at CNET]

U.S. is home to greatest number of botnet servers, says McAfee

January 24, 2013 — With 631 active command and control servers, the U.S. far surpasses any other country when it comes to malware-controlled zombie computers, says the antivirus vendor… [Read more at CNET]

Sony fined $395K for 2011 PlayStation Network hack

January 24, 2013 — The Information Commissioner's Office in the U.K. has fined Sony Computer Entertainment Europe for the PlayStation Network data breach in April 2011, which the agency says was preventable… [Read more at CNET]

3 charged in malware scheme targeting bank accounts

January 23, 2013 — U.S. prosecutors say three foreign nationals created and distributed a virus that infected 1 million computers worldwide, including 40,000 in the U.S… [Read more at CNET]

Beware of fake Java updates

January 23, 2013 — New malware poses as Java updater to fix recent vulnerabilities… [Read more at CNET]

New bill asks companies to notify EU of security breaches

January 18, 2013 — The European Union works on legislation that would set up local cybersecurity agencies, in an effort to regulate tech companies that have access to user data… [Read more at CNET]

U.S. general warns of Iran's growing cyber strength

January 18, 2013 — The Iranian government has enhanced its cyber capabilities since being hit by the Stuxnet virus, cautions a U.S. Air Force official… [Read more at CNET]

Big Data Will Play Key Role In Security's Future, Study Says

January 17, 2013 — 'Intelligence-driven security' will enable enterprises to deeply analyze security data and assess risk more accurately… [Read more at Dark Reading]

Zaxby's Restaurants Hit With Security Breach

January 16, 2013 — The restaurant chain is investigating a breach that may have exposed customer data at more than 100 of its locations… [Read more at Dark Reading]

Facebook Graph Search is an awesome tool for phishing attacks

January 16, 2013 — Facebook shook the tech world's foundation a bit with the announcement of Graph Search capability. Users are anxious for a chance to play with the new feature, and attackers are looking forward to this potent new weapon, er, tool as well… [Read more at PCWorld]

Another Java Zero-Day Vulnerability Hits Black Market

January 16, 2013 — Just 24 hours after Oracle patched two critical flaws in Java, online vulnerability vendor starts selling never-seen Java bug… [Read more at InformationWeek]

Red October malware discovered after years of stealing data in the wild

January 15, 2013 — A shadowy group of hackers has siphoned intelligence data worldwide from diplomatic, government, and scientific research computer networks for more than five years… [Read more at PCWorld]

Diplomatic and Government Agencies Targeted in Years-long Cyberespionage Operation

January 14, 2013 — The attackers used custom malware to target organizations from 39 countries… [Read more at CIO]

Homeland Security still advises disabling Java, even after update

January 14, 2013 — DHS says an unpatched vulnerability may still put Web browsers using the plugin at risk of remote attack… [Read more at CNET]

Oracle rushes patch to quash critical Java bugs

January 14, 2013 — Oracle on Sunday issued an emergency Java update to patch two critical vulnerabilities, including one that had been exploited in ongoing and accelerating attacks… [Read more at ComputerWorld]

Java Fallout: 4 SMB Security Resolutions

January 14, 2013 — Fixing this kind of security issue doesn't require going head-to-head with organized crime rings or hacktivist groups. It just requires some human elbow grease… [Read more at InformationWeek]

How Cybercriminals Choose Their Targets And Tactics

January 13, 2013 — Targeted attacks are becoming pervasive. Here's a look at how those targets are chosen -- and how your organization might avoid being one of them… [Read more at Dark Reading]

Java Zero-day Vulnerability Actively Exploited By Attackers

January 10, 2013 — The exploit for an unpatched Java vulnerability was added in popular attack toolkits, security researchers say… [Read more at CIO]

Botnets for Hire Likely Used in Attacks Against US Banks, Security Firm Says

January 10, 2013 — Evidence collected from a website that was recently used to flood U.S. banks with junk traffic suggests that the people behind the ongoing DDoS attack campaign against U.S. financial institutions -- thought by some to be the work of Iran -- are using botnets for hire… [Read more at CIO]

Nations prepare for cyber war

January 7, 2013 — Security analysts are predicting that 2013 is when nation-sponsored cyberwarfare goes mainstream… [Read more at CNN Money]

Website of US-based Gas Turbine Maker Also Rigged with New IE Exploit

January 3, 2013 — The website of Capstone Turbine Corporation served an exploit for a new Internet Explorer vulnerability… [Read more at CIO]

'Dementia' Wipes Out Attacker Footprints In Memory

January 3, 2013 — New tool exposes weak links in forensic tools that inspect Windows memory for attack intelligence… [Read more at Dark Reading]

Fake Turkish site certs create threat of bogus Google sites

January 3, 2013 — After a Turkish Internet certificate authority "mistakenly" issues two unauthorized e-documents used to verify Web site authenticity, another organization creates a fraudulent certificate that could let it impersonate various Google sites. Browser makers have responded… [Read more at CNET]

Security lessons from 2012

January 3, 2012 — DDoS attacks on banks, cyberwarfare should be high on security agendas… [Read more at ComputerWorld]

New IE Zero-Day Attack Bypasses Key Microsoft Security Measures

January 2, 2013 — Microsoft releases temporary browser fix for new flaw being exploited in targeted attacks… [Read moer at Dark Reading]

Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt

December 31, 2012 — The antivirus industry has a dirty little secret: its products are often not very good at stopping viruses… [Read more at The New York Times]

2012's Worst Security Exploits, Fails and Blunders

December 28, 2012 — If 2012 has proven anything, it's that even the most cautious security-minded souls need to double down on their protective practices, and think about the best ways to mitigate damage if the worst happens in our increasingly cloud-connected world… [Read more at PCWorld]

Automated Malware Analysis Under Attack

December 20, 2012 — Malware writers go low-tech in their latest attempt to escape detection, waiting for human input -- a mouse click -- before running their code… [Read more at Dark Reading]

Poor SCADA Security Will Keep Attackers and Researchers Busy in 2013

December 21, 2012 — Security researchers expect attacks against industrial control systems to increase next year… [Read more at CIO]

Stabuniq Malware Found on Servers at U.S. Financial Institutions

December 21, 2012 — Security researchers from Symantec have identified an information-stealing Trojan program that was used to infect computer servers belonging to various U.S. financial institutions… [Read more at CIO]

Making Database Security Your No. 1 2013 Resolution

December 20, 2012 — How database-centric practices would change your security strategy and risk profile in the coming year… [Read more at Dark Reading]

Cybercrime Inc.: The Business Of The Digital Black Market

December 19, 2012 — Money makes the world go 'round -- especially the world of cybercrime, where criminal groups have exploded in both number and sophistication… [Read more at Dark Reading]

World of botnet cybercrime paying pretty well these days

December 19, 2012 — The world of cybercrime is getting more specialized as an eco-sphere of helpers in running botnet operations has developed… [Read more at Network World]

Five Significant Insider Attacks Of 2012

December 17, 2012 — From the recent theft of counterterrorism data from Switzerland's intelligence agency to remotely wiretapping boardroom videoconferencing systems, a number of attacks had an inside component… [Read more at Dark Reading]

Dexter' Directly Attacks Point-of-Sale Systems

December 11, 2012 — kers employ custom malware rather than physical skimmers to steal payment card information from PoS systems in 40 countries… [Read more at Dark Reading]

Dexter Malware Infects Point-of-Sale Systems Worldwide

December 11, 2012 — Researchers from Israel-based IT security firm Seculert have uncovered a custom-made piece of malware that infected hundreds of point-of-sale (PoS) systems from businesses in 40 countries in the past few months and stole the data of tens of thousands of payment cards… [Read more at CIO]

Team Ghostshell Hackers Claim NASA, Interpol, Pentagon Breaches

December 10, 2012 — Group boasts "juicy release" of 1.6 million records and accounts drawn from defense contractors, government agencies, trade organizations and more… [Read more at InformationWeek]

'Project Mayhem' Hacks Accounting Software

December 6, 2012 — No exploit required for defrauding Microsoft and other accounting systems, researchers at Black Hat Abu Dhabi reveal… [Read more at Dark Reading]

Zeus botnet steals $47M from European bank customers

December 5, 2012 — New variant dubbed "Eurograbber" intercepts bank text messages sent to mobile phones to defeat two-factor authentication process… [Read more at CNET]

Hackers steal customer info from insurance provider Nationwide

December 5, 2012 … The insurance company reports a hack from October that compromises the personal information of 1.1 million people… [Read more at CNET]

Stepping Up SMB Security

December 5, 2012 — When your company is the third-party vendor, improved security practices, transparency, and independent reviews to prove your claims can go a long way toward winning enterprises embattled by attacks and the burden of compliance… [Read more at Dark Reading]

'Gameover Zeus' Gang Launches New Attacks

December 4, 2012 — Campaign includes rigged emails spoofing major U.S. banks and offering 'secure email' exchange with banking customers… [Read more at Dark Reading]

New 'Dockster' Malware Targets Apple Computers

December 3, 2012 — The basic trojan has been found on a website dedicated to the Dalai Lama… [Read more at CIO]

Japan Space Agency: Virus May have Stolen Space Rocket Data

November 30, 2012 — The Japan Aerospace Exploration Agency said an infected computer may have given up secrets on its long-range Epsilon rocket… [Read more at CIO]

10 Top Government Data Breaches Of 2012

November 29, 2012 — SQL injection, post-phishing privilege escalation, and poorly secured back-up information all played their part in exposing sensitive government data stores this year… [Read more at Dark Reading]

Chinese Cyberespionage Tool Updated For Traditional Cybercrime

November 27, 2012 — PlugX remote access Trojan (RAT) spotted being used to pilfer money out of enterprises… [Read more at Dark Reading]

How South Carolina Failed To Spot Hack Attack

November 26, 2012 — Attackers stole 3.3 million businesses' bank details and 1.9 million social security numbers, cost the state $14 million for cleanup… [Read more at InformationWeek]

Cybercriminals Are Increasingly Abusing .eu Domains in Attacks

November 23, 2012 — The number of malicious .eu domains seen in attacks has increased this year, several security vendors say… [Read more at CIO]

Linux users targeted by mystery drive-by rootkit

November 20, 2012 — Security researchers have discovered what appears to be an experimental Linux rootkit designed to infect its highly select victims during a classic drive-by website attack… [Read more at TechWorld]

New Linux Rootkit Discovered Injecting iFrames

November 20, 2012 — The rootkit is the next step in iFrame-injecting cybercrime operations… [Read more at Dark Reading]

Malware uses Google Docs as proxy to command and control server

November 19, 2012 — Backdoor.Makadocs variant uses Google Drive Viewer feature to receive instructions from its real command and control server… [Read more at InfoWorld]

Hackers break into two FreeBSD Project servers using stolen SSH keys

November 19, 2012 — Users who installed third-party software packages distributed by FreeBSD.org are advised to reinstall their machines… [Read more at InfoWorld]

Israel government Web sites hit by hacker blitz

November 18, 2012 — Government says its Web sites have experienced 44 million hacking attempts but only one successful breach… [Read more at CNET]

Congress Kills Cybersecurity Bill, White House Action Expected

November 15, 2012 — White House looks primed to take action on its own after Congress again fails to pass cybersecurity legislation… [Read more at InformationWeek]

Adobe suffers database leak, user forum taken offline

November 15, 2012 — The hacker says he undertook the attack to shed light on how slow Adobe is to fix security issues after being alerted to them -- and says Yahoo is next… [Read more at CNET]

Obama signs secret directive to help thwart cyberattacks

November 14, 2012 — President Obama has signed a secret directive that effectively enables the military to act more aggressively to thwart cyber­attacks on the nation’s web of government and private computer networks… [Read more at The Washington Post]

China cyber-espionage threatens U.S., advisory group warns

November 14, 2012 — In its 2012 report, the U.S.-China Economic and Security Review Commission urges Congress to fully investigate China's cyber-espionage campaigns… [Read more at CNET]

The Globalization Of Cyberespionage

November 12, 2012 — Newly revealed cyberspying campaign against Israeli and Palestinian targets demonstrates how the threat is no longer mostly a China thing… [Read more at Dark Reading]

Cyberattacks against Lockheed have 'increased dramatically'

November 12, 2012 — The company in charge of the U.S. government's cybercrime lab announces a steep surge in the pace and sophistication of cyberattacks… [Read more at CNET]

Espionage Malware Network Targets Israel, Palestine

November 12, 2012 — Botnet operators have been infecting multiple targets for more than a year using phishing attacks and Xtreme RAT… [Read more at InformationWeek]

Heist once again highlights e-banking vulnerabilities

November 8, 2012 — Commercial customers need to heed warnings from cyber thefts in Missouri, Maine… [Read more at CSO]

4 Long-Term Hacks That Rocked 2012

November 8, 2012 — News of lengthy hacker incursions into enterprise databases and networks has been plentiful over the last year… [Read more at Dark Reading]

U.S. Commission Fingers China As Biggest Cyberthreat

November 8, 2012 — Annual report, mandated by Congress, raises the question of how best to defend against such cyberattacks… [Read more at CIO]

After Stuxnet: The new rules of cyberwar

November 5, 2012 — Critical infrastructure providers face off against a rising tide of increasingly sophisticated and potentially destructive attacks emanating from hacktivists, spies and militarized malware… [Read more at ComputerWorld]

Hackers Claim Attacks Against Imageshack, Symantec, PayPal, Other Websites

November 5, 2012 — Different hacker groups claim to have breached servers belonging to ImageShack, Symantec, PayPal and other organizations… [Read more at CIO]

Apache Server Setting Mistakes Can Aid Hackers

November 5, 2012 — Numerous large companies that use free Apache server software leave internal status pages visible, which can help hackers exploit networks… [Read more at InformationWeek]

Tech Insight: Five Steps To Implementing Security Intelligence

November 4, 2012 — Building an initiative to collect and analyze threat and risk information takes some planning. Here's a look at the key steps… [Read more at Dark Reading]

Is new malware Jacksbot just starting to rear its head?

November 2, 2012 — A new Java-based malware package has been found that has the potential to affect multiple platforms… [Read more at CNET]

Fake AV, Phishing Scams Gunning for Windows 8

November 2, 2012 — ndows 8 launched to great fanfare only a week ago, but it is already under attack… [Read more at PCMag]

Cyber-Criminals Rent or Buy What They Need: It's Cheap!

November 2, 2012 — Underground forums offer cyber-criminals a diverse array of products and services to enhance their criminal enterprises. With prices falling, it's easier than ever to embark on the life of cyber-crime… [Read more at PCMag]

FBI Expands Cybercrime Division

October 30, 2012 — Federal Bureau of Investigation will hire computer scientists, build new tools and boost collaboration to help catch malicious hackers… [Read more at InformationWeek]

Insecure industrial control systems, hacker trends prompt federal warnings

October 30, 2012 — DHS warns of increasing security risk to power utilities, water treatment plants and manufacturing… [Read more at CSO]

Study: Lack of abuse detection allows cloud computing instances to be used like botnets

October 30, 2012 — Some cloud providers don't detect attacks launched from their networks, researchers say… [Read more at InfoWorld]

Shopping The Russian Cybercrime Underground

October 30, 2012 — Inside look at the wide range of hacking and related services being offered in the Russian-speaking cybercrime marketplace illustrates its maturity and popularity… [Read more at Dark Reading]

Data breach victims could get damages from careless firms

October 29, 2012 — How federal courts define the damages people suffer from data breaches is broadening dramatically, leaving unprepared companies at greater risk of big payouts in class-action lawsuits… [Read more at PCWorld]

Brute force cyber-attacks can hide more sinister strikes on networks

October 29, 2012 — As U.S. banks reeled under an unprecedented wave of Distributed Denial of Service (DDoS) attacks that crippled some of their Web capabilities in September, the electronic assault showed that what was once considered an “old school” brute force cyber weapon remains an effective and potent threat… [Read more at GSN]

Fast Flux Botnet Nets Fraudsters $78 Million

October 26, 2012 — Security report offers new details on financial hackers, warns that automated clearing house payment channels could be next target of increasingly sophisticated attacks… [Read more at InformationWeek]

Critical flaw found in software used by many industrial control systems

October 26, 2012 — CoDeSys runtime flaw allows hackers to execute commands on critical industrial control systems without authentication, researchers say… [Read more at InfoWorld]

South Carolina: State Computer System Is Hacked

October 26, 2012 — A hacker broke into the state’s computer system, exposing 3.6 million Social Security numbers and 387,000 credit and debit card numbers… [Read more at New York Times]

Monitoring To Detect The Persistent Enemies

October 26, 2012 — Subtle attackers who are after intellectual property are hard to find. Monitoring can help… [Read more at Dark Reading]

Barnes & Noble Probes PIN Keypad Hack

October 25, 2012 — Criminals hacked one PIN keypad in each of 63 stores and have already used the stolen data to commit fraud. Was it an inside job? [Read more at InformationWeek]

Antivirus Tool Fail: Blocking Success Varies By 58%

October 25, 2012 — Only two of 13 endpoint security software scanners blocked more than 80% of known exploits… [Read more at InformationWeek]

Cyber Crooks Target Healthcare For Financial Data

October 24, 2012 — Identity thieves looking for a quick buck often don't even know they are attacking healthcare organizations… [Read more at InformationWeek]

Russian Service Rents Access To Hacked Corporate PCs

October 23, 2012 — Service provides stolen remote desktop protocol credentials, letting buyers remotely log in to corporate servers and PCs, bypassing numerous security defenses… [Read more at InformationWeek]

U.S. rattles preemptive cyberattack saber

October 18, 2012 — Defense Secretary warns the government would tap new forensics abilities, and experts say the time is right to use new tech to strike first… [Read more at CSO]

Cyberthieves steal $400,000 from Bank of America

October 16, 2012 — Residents and city workers in Burlington, Wash., have been told to check their accounts after $400,000 was stolen from a city bank… [Read more at CNET]

5 signs you've been hit with an advanced persistent threat

October 16, 2012 — Do you have valuable data on your network? Noticing odd network behavior? You could be the victim of an APT attack… [Read more at InfoWorld]

Newly IDed 'MiniFlame' malware targets individuals for attack

October 15, 2012 — A new malware variant related to the state-sponsored Flame and Gauss cyber-espionage tools can work on its own or team up with its brethren to conduct targeted surveillance… [Read more at CNET]

Security Monitoring An Elixir For Intrusion Costs?

October 12, 2012 — A recent study of the costs of cybercrime finds that security intelligence, including monitoring and threat intelligence, reduces the costs of cyberattacks the most… [Read more at Dark Reading]

Future cyber attacks could rival 9/11, cripple U.S., Panetta warns

October 12, 2012 — Secretary of Defense laid out reasons why the military should be involved in defending the country's critical infrastructure… [Read more at InfoWorld]

DOD: Hackers Breached U.S. Critical Infrastructure Control Systems

October 12, 2012 — Defense secretary Leon Panetta says cyberattacks against critical infrastructure at home and abroad--some of which he called the worst to date--should spark urgent action against the hacker threat… [Read more at InformationWeek]

Florida University Breach Exposes Data On 279,000

October 11, 2012 — At least 50 Northwest Florida State College employees hit by identity theft at this point -- including the university's president… [Read more at Dark Reading]

U.S. banks warned of another attack threat

October 10, 2012 — Russian group promotes 'Project Blitzkrieg' crimeware campaign against 30 banks… [Read more at CSO]

Web API Allows Phishing Attack

October 10, 2012 — A recent addition to HTML5, the Fullscreen API, appears to be easily abused… [Read more at InformationWeek]

Microsoft: The number of reported application vulnerabilities has increased

October 9, 2012 — After a period of steady decline that started in 2009, the number of application vulnerabilities has seen a significant increase during the first half of 2012… [Read more at InfoWorld]

Windows 7 malware infection rate soars in 2012

October 9, 2012 — Windows 7's malware infection rate climbed by as much as 182% this year, Microsoft said today… [Read more at ComputerWorld]

Hackers exploit Skype API to infect Windows PCs

October 9, 2012 — New worm reinforces Skype's reputation as an app with security issues… [Read more at InfoWorld]

Cybercrime Attacks, Costs Escalating

October 8, 2012 — Successful attacks against U.S. businesses have increased by 42% since last year, with individual businesses being hit with an average of two attacks per week, says study from Ponemon Institute and HP… [Read more at InformationWeek]

Chinese telecom firms present security threat, says Congressional report

October 8, 2012 — Chinese telecommunications gear makers Huawei and ZTE pose a threat to U.S. national security and those doing business with the companies should find another vendor, said a report… [Read more at GSN]

Cyber attacks cost U.S. businesses an average $8.9 million annually, study says

October 8, 2012 — In Germany, Japan, and the U.K., cyber crime costs much less to clean up, but the U.S. experiences more expensive attacks such as malicious insiders and Web-based incidents… [Read more at InfoWorld]

Worm spreading on Skype IM installs ransomware

October 8, 2012 — Malware is downloaded onto users' machines after they click on the message "lol is this your new profile pic?"… [Read more at CNET]

Cyber-Criminals Plan Massive Trojan Attack on 30 Banks

October 5, 2012 — Banks beware: A large-scale coordinated Trojan attack to launch fraudulent wire transfers may be headed your way… [Read more at PCMag]

Botnet Spotted Silently Scanning IPv4 Address Space For Vulnerable VoIP

October 4, 2012 — A large peer-to-peer botnet known for its resilience was spotted sniffing out potential victim voice-over-IP (VoIP) servers using an advanced stealth technique… [Read more at Dark Reading]

Hackers post data from dozens of breached college servers

October 3, 2012 — Group calling itself GhostShell says it posted thousands of usernames, passwords, and phone numbers of students and faculty to call attention to the state of education… [Read more at CNET]

Bank Site Attacks Trigger Ongoing Outages, Customer Anger

October 3, 2012 — Who's really behind the recent bank DDoS attacks? They are more diverse and powerful than previously seen hacktivist campaigns… [Read more at InformationWeek]

Malnets lead the cyberattack pack

October 2, 2012 — Report predicts malicious infrastructure will generate two-thirds of cyberattacks in 2012… [Read more at CSO]

Online Criminals' Best Friends: Malnets

October 2, 2012 — The number of large malnets--server-side infrastructure used to infect PCs and sometimes to control botnets--tracked by security firm Blue Coat has tripled this year… [Read more at InformationWeek]

DHS kicks off Cyber security awareness month

October 2, 2012 — DHS secretary Janet Napolitano called on private businesses and citizens to help secure Cyber space as the department kicked off its ninth National Cyber Security Awareness Month program… [Read more at GSN]

Adobe Says Its Code Signing Infrastructure Has Been Hacked

October 1, 2012 — Compromise means that attackers could create malware that looks like legitimate Adobe software… [Read more at Dark Reading]

White House confirms 'spearphishing' intrusion

October 1, 2012 — Official confirms report by veteran Pentagon reporter Bill Gertz saying hackers linked to China's government "broke into one of the U.S. government's most sensitive computer networks…" [Read more at CNET]

Security Intelligence Starts With Detecting The Weird

September 28, 2012 — As companies try to make sense of a greater amount of information on their networks, anomaly detection becomes more difficult but more important as well… [Read more at Dark Reading]

Cyber threat level remain 'high' for U.S. financial sector

September 28, 2012 — The cyber threat level for banks and financial institutions remains high as organized denial of service attacks cripple U.S. banking Websites… [Read more at GSN]

Profiling The Cybercriminal And The Cyberspy

September 27, 2012 — Insight into key characteristics, behaviors of cybercrime versus cyberespionage attackers can help -- but the threats aren't just from China and Eastern Europe… [Read more at Dark Reading]

Maker of smart-grid software discloses hack

September 26, 2012 — Files were affected during compromise, says company that makes software used in the "smart" electric grid… [Read more at CNET]

Vast Cyberespionage Campaign 'Brazen' In Its Approach

September 25, 2012 — RSA dissects so-called 'VOHO' attack campaign, which also shares common traits with prior attacks aimed at Google, others… [Read more at Dark Reading]

Wells Fargo is latest bank to be hit by cyberattacks

September 25, 2012 — As several banks experience outages, one group claims responsibility, saying it's retaliating for the anti-Islam movie and will continue its onslaught until the film is taken off the Web… [Read more at CNET]

Oracle database flaw deemed serious, could expose data

September 22, 2012 — With brute-force attack, intruder can gain access… [Read more at CSO]

Eastern European Cybercriminals Said to Trump Asian Counterparts in Sophistication

September 21, 2012 — East European hackers use more technologically advanced malware and detection evasion techniques compared to East Asian hackers… [Read more at CIO]

Cyberspying effort drops 'Mirage' on energy firms

September 20, 2012 — Malware targets individuals at organizations in Philippines, Taiwan, Canada and elsewhere… [Read more at CNET]

U.S. banks on high alert against cyberattacks

September 20, 2012 — Hackers engaging in wire fraud by gaining access to bank networks, FS-ISAC says… [Read more at ComputerWorld]

Bank Of America Website Slows After Islamic Hacker Threats

September 19, 2012 — Bank of America's website experienced periodic outages Tuesday, possibly due to cyber attacks… [Read more at InformationWeek]

Flame analysis reveals more cyberespionage malware

September 18, 2012 — There's 'enough evidence' to show at least one Flame-related malware is still 'operating in the wild,' said one researcher… [read more at CSO]

Elusive TDL4 malware variant infected Fortune 500 companies, government agencies

September 18, 2012 — Security researchers believe a new variant of the sophisticated TDL4 bootkit affected over 250,000 victims in the past few months… [Read more at InfoWorld]

Half of Companies Surveyed Report Web Application Security Problems

September 18, 2012 — A survey of 240 companies questioned about the relation between their Web applications and security found about half experienced at least one Web application security incident since last year, sometimes with "severe negative financial consequences"… [Read more at CIO]

Two men plead guilty to hacking Subway stores

September 18, 2012 — Romanians admit to being part of ring that hacked into payment systems at sandwich shops and stole credit card data… [Read moer at CNET]

Microsoft confirms hackers exploiting critical IE bug, promises patch

September 18, 2012 — Microsoft issued a security advisory that confirmed in-the-wild attacks are exploiting an unpatched bug in Internet Explorer… [Read more at ComputerWorld]

10 Cyber Threats Small Businesses Can't Ignore

September 17, 2012 — SMBs must be serious about cybersecurity now that they're targets, too… [Read more at InformationWeek]

How Cybercriminals Choose Their Targets

September 17, 2012 — Attackers look for companies with poor defenses and a lack of security skills, so no business, not even an SMB, is immune… [Read more at InformationWeek]

FBI warns financial institutions are being highly targeted by fraudsters

September 17, 2012 — The FBI today said cybercriminals have recently stepped up efforts to steal money and gain access to banks and other financial… [Read more at NetworkWorld]

New test results highlight Windows security struggles

September 14, 2012 — The latest results are in from AV-Test.org, an independent organization that tests consumer-security suites. Except for a few bright spots, the numbers are a bloodbath of lower scores… [Read more at CNET]

ASIS 2012: Napolitano calls on industry to spend more on cyber preparedness

September 13, 2012 — “Cyber-attacks have increased significantly in the three-plus years I have served as DHS secretary,” said Napolitano. It is time to get serious… [Read more at GSN]

Blackhole exploit kit gets upgraded to evade antivirus software

September 12, 2012 — Equipped with a souped-up admin panel, Blackhole 2.0 has undergone a total code rewrite to better bypass defenses… [Read more at InfoWorld]

Cyber attacks grow increasingly "reckless", official says

September 7, 2012 — Other nations are increasingly employing cyber attacks without "any sense of restraint," a top U.S. cybersecurity official said… [Read more at Reuters]

Elite hacker gang has unlimited supply of zero-day bugs

September 7, 2012 — Group dubbed 'Elderwood' has exploited eight unpatched IE and Flash flaws in the last 20+ months… [Read more at ComputerWorld]

Enterprises Should Bring Some Security Research In-House

September 7, 2012 — Case for enterprises to dedicate resources to analyze in-the-wild malware data to prioritize vulnerability mitigation… [Read more at Dark Reading]

Insiders Implicated in Saudi Aramco Attack

September 7, 2012 — Shadowy cyber-criminals and third-party attackers generate the most headlines, but sometimes, the bad guy is sitting just a few feet away in the same office… [Read more at PCMag]

Global Cost Of Cybercrime: $110 Billion

September 6, 2012 — Cybercrime cost U.S. consumers $20.7 billion in the past 12 months… [Read more at Dark Reading]

Does a Cyber-9/11 Loom?

September 5, 2012 — The longer Congress waits to gets its act together on cybersecurity, the longer the U.S. remains at risk of an attack by spies, terrorists, hackers or companies representing themselves or an entire rogue nation… [Read more at CIO]

Fluke DSW Win Shouldn't Erase Breach Insurance Needs

September 5, 2012 — Retailer wins in its fight to claim $6.8 million breach costs on a traditional crime policy, but others might not be as lucky… [Read more at Dark Reading]

How To Handle A Data Breach: 5 Tips For SMBs

September 5, 2012 — AntiSec's' Apple UDID dump points out why small and midsize businesses should revisit their plans for handling a customer data breach… [Read more at InformationWeek]

Leaked Apple IDs expose holes in corporate information security

September 4, 2012 — Most organizations suffering data breaches don't enforce security policies, study finds… [Read more at InfoWorld]

AntiSec Hackers Post 1 Million Apple Device IDs

September 4, 2012 — Hacker group says it got data off FBI laptop and released the file to call attention to the government's alleged possession of that information… [Read more at InformationWeek]

Older News »