The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
Apple iOS and Mac OS X devices are susceptible to WireLurker, a previously unseen malware family that spreads via a third-party Chinese app store, and which can infect even non-jailbroken iOS devices, Palo Alto Networks warns.
Nearly three years after his indictment, the alleged kingpin of an Estonian gang that infected 4 million PCs in more than 100 countries with malware, generating an estimated $14 million in fraudulent online ad revenue, has been extradited to the U.S.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
JPMorgan Chase in September confirmed that it was the victim of a cyber-attack that compromised customer information. This infographic provides an overview of what we know so far and what questions remain unanswered.
The National Institute of Standards and Technology has released a draft of guidance aimed at helping government agencies and businesses establish, participate in and maintain cyberthreat information sharing relationships.
A foreign currency flaw in Visa's EMV-based contactless payment card system in the U.K. could be abused to commit fraud using NFC-enabled Android devices, researchers say. But Visa discounts the possibility of real-world attacks succeeding.
A Danish court convicted the co-founder of the notorious file-sharing website, The Pirate Bay, of computer hacking and sentenced him to serve three-and-a-half years in prison. The case had nothing to do with file-sharing.
FBI and Department of Homeland Security agents have arrested two men on charges that they stole $5.8 million using reloadable debit cards, which they funded by tricking to threatening victims into adding funds to a money-sending service.
In new guidance from the PCI Council, its leaders outline why businesses that handle card data need to address employee education. Here, experts explain why this guidance is a positive step for card security.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
Air-gapped networks promise security by disconnecting PCs from the Internet. But graphics cards in malware-infected systems attached to air-gapped networks can be made to broadcast data via FM radio to nearby smart phones, researchers warn.
In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.