The six-year old Conficker worm is still a major presence in the threat landscape, accounting for 38 percent of all detections in the first half of 2014, according to security vendor F-Secure’s latest Threat Report.
In late May, an international law enforcement effort disrupted the Gameover Zeus (GoZ) botnet, a network of compromised computers used for banking fraud. The crackdown effectively eliminated the threat from Cryptolocker. Yet, ransomware is not dead, two recent analyses have found.
The Chinese authorities have launched a man-in-the-middle attack campaign against users of the country’s research and education network CERNET who try to search via Google, in a bid to monitor and censor the HTTPS site.
Home Depot has not yet confirmed that a slew of fraudulent transactions came from a breach of its systems, yet an increasing body of evidence is mounting that points to a massive compromise linked to the home-supply retail chain.
Around 350 Android apps that can be downloaded from Google play and Amazon stores fail to properly validate SSL certificates for HTTPS connections, and thus open users to Man-in-the-Middle attacks if they use them on insecure and open networks, a researcher has warned.
Home improvement retailer Home Depot Inc has been in contact with the U.S. Secret Service about an alleged major breach of customer and credit card data that came to light this week, a law enforcement source has told Reuters.
The underground market for cybercrime products and services in China is booming, with both the number of participants and IM messages sent between those participants doubling last year, according to new research from Trend Micro.
A "safe harbor" clause in the 1998 law called the Digital Millennium Copyright Act absolves websites of any legal liability for virtually all content posted on their services. The law, known as the DMCA, requires websites and other Internet service providers to remove a piece of content believed to be infringing on a copyright after being notified of a violation by the copyright owner.
Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.
Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services specialist ITC Infotech, lack of a stringent BYOD policy can lead to the risk of a major security breach.
In a classic example of a ripple effect, a number of Namecheap’s users’ accounts have now been compromised in a brute-force attack, by hackers using passwords previously stolen by Russian gang CyberVor.
When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization’s mission of collective defense: For the first time, a cyber attack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing.
As nude celebrity photos spilled onto the web over the weekend, blame for the scandal has rotated from the hackers who stole the images to a researcher who released a tool used to crack victims’ iCloud passwords to Apple. But one step in the hackers’ sext-stealing playbook has been ignored — a piece of software designed to let cops and spies siphon data from iPhones, but is instead being used by criminals themselves.
Hosted at the European Cybercrime Centre (EC3) at Europol, the Joint Cybercrime Action Taskforce (J-CAT), which is being piloted for six months, will coordinate international investigations with partners working side-by-side to take action against key cybercrime threats and top targets, such as underground forums and malware, including banking Trojans.
Security researchers have spotted what they believe to be a second pro-al Assad hacking group, dubbed the Syrian Malware Team, using a .NET RAT to attack targets.