Verizon's annual Data Breach Investigations Report has triggered an avalanche of criticism that researchers made critical errors when studying and reporting on the top 10 most frequently exploited software vulnerabilities.
Attackers have been exploiting separate zero-day vulnerabilities in Internet Explorer and the Flash browser plug-in software. But while Microsoft has patched IE, Adobe's Flash fix remains forthcoming.
The Defense Advanced Research Projects Agency has awarded Georgia Tech a $2.9 million grant to develop a process for quickly identifying and then defending against low-volume DDoS attacks, which are far more common than high-volume attacks but can be just as disruptive.
Australian entrepreneur Craig Wright boasted that he was the secret bitcoin creator known only as "Satoshi Nakamoto." But his claim has been dismantled by security experts, leading one to call Wright "the world's first cryptographically provable con artist."
Anonymous has unleashed a DDoS campaign against banks, commencing with an attack against the Bank of Greece's website, followed by attacks against other bank websites. But the impact of the interruptions apparently has been minimal, continuing Anonymous' track record for attacks that fail to pack much of a punch.
NIST's Ron Ross, in an audio interview, explains new draft guidance that's designed to help technology vendors build secure components that their customers can use to build trustworthy information systems. Ross will be a keynoter at ISMG's Fraud and Breach Prevention Summit in Washington.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
Some employees at organizations that use outsourced payroll provider ADP have been hit with tax return fraud. ADP blames customers for failing to secure the unique portal registration codes it issues.
A security firm claims to have obtained from a young Russian hacker a data set that includes 272 million unique credentials for Hotmail, Gmail and Yahoo email addresses, among others. But there's no reason to panic, security experts say.
The Pakistan National Assembly has approved the cybercrime bill under the Prevention of Electronic Crimes Act, 2015. It is a positive move, but given the challenges of execution, there is still far to go in ensuring a cybersecure ecosystem.
Following a massive data leak, Qatar National Bank has confirmed that its systems may have been hacked. A group with Turkish ties has claimed credit for the attack and reportedly threatened to release information from a second bank hack.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
Have you tested things before they break? Could an email be a trap? In honor of Star Wars Day, we proudly present essential cybersecurity lessons as derived from - and delivered via - the wisdom and wit of the iconic space opera.
Following the theft of $81 million from Bangladesh Bank, is it time for banks to make SWIFT money transfers less automated and better supervised and thus secure? An alleged scam from the days of telex machines and code books offers useful perspective.
Just six months after law enforcement agencies coordinated a takedown to disrupt online banking credential theft linked to the banking Trojan Dridex, the malware has re-emerged with new attack tactics and new targets, researchers say. U.S. bank accounts and businesses are now primary targets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.