Unprecedented levels of collaboration among targeted financial services firms enabled the international law enforcement operation that disrupted the Dridex botnet, security firm Fox-IT says. Now, can that model be repeated going forward?
FBI Director James Comey's declaration that the Obama administration will not pursue legislation to require vendors to create a backdoor that would permit law enforcement to circumvent encryption on mobile devices isn't the end of the matter.
An international law enforcement operation - spearheaded by the U.S. FBI and U.K. National Crime Agency - has disrupted the notorious Dridex banking malware and phishing campaign, which has been tied to at least $40 million in losses worldwide.
Dell's announcement that it plans to purchase storage maker EMC for a mind-boggling $67 billion does not make clear the fate of EMC's information security unit, RSA. Analysts believe Dell has not yet determined whether RSA fits into its long-term plans or should be sold or spun off.
Security researchers have demonstrated in a lab setting an information-stealing attack against Amazon Web Services users. But Amazon says its customers "using current software and following security best practices are not impacted by this situation."
A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year - from ransomware infections alone - has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
Security on the endpoint took a long time to move away from mere patching, hardening and anti-virus technologies. To fight advanced threats, experts say visibility on endpoints is being transformed by the advent of endpoint detection and response tools.
BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
A Russian cybercriminal who used the Citadel banking Trojan to infect at least 7,000 PCs has received a 4.5 year jail sentence. Authorities tracked him in part thanks to his posts to a Citadel user group.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
Cybercrimnals are now using the Dyre and Dridex banking Trojans to gather massive amounts of data about individuals and companies that could enable them to track patterns of behavior, which might later help them evade intrusion detection, says Fox-IT's Eward Driehuis.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.