Security researchers have demonstrated in a lab setting an information-stealing attack against Amazon Web Services users. But Amazon says its customers "using current software and following security best practices are not impacted by this situation."
Financial services firm E*Trade and publisher Dow Jones are separately warning their customers and subscribers that their personal information - and in some cases, payment card data - may have been compromised in a cyberattack campaign.
Three U.S. senators are demanding answers from Experian after it suffered a breach that exposed personal information for 15 million T-Mobile subscribers. They also have called for national breach notification and data security regulations.
As a result of Experian's data breach, 15 million T-Mobile subscribers are at risk from phishing attacks and fraud. But it's not clear what more T-Mobile can do to protect breach victims, says security specialist Mark James.
Discount brokerage firm Scottrade says hackers accessed its computer network and stole names and street addresses of millions of its clients. The firm says it learned of the intrusion from law enforcement officials.
Credit-rating provider Experian says a hack attack compromised a server storing sensitive personal information on millions of T-Mobile customers, including those requiring credit checks for service or device financing.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
Even if China fails to live up to its promise to stop pilfering corporate trade secrets, as America's spy chief predicts, the U.S. could still benefit diplomatically from the two nations' cybersecurity agreement.
The commoditization of attack infrastructure and services in the cyber-criminal underground, and the low cost and ease of launching targeted attacks, are growing concerns that require new defense strategies, says Trend Micro's Raimund Genes.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The attacks have evolved, breaches have multiplied, and serious security gaps have been exposed. But what most concerns FireEye President Kevin Mandia? The rise of nation-states as leading threat actors.