(3/7/2014) Samsung spokeswoman Jessica Baker said in an email that "if there is a fake Netflix app on the devices, it is something that was not preloaded by Samsung or U.S. carrier partners." Netflix spokesman Joris Evers said the company did not have a comment.
(3/7/2014) Jam and jelly maker Smucker’s last week shuttered its online store, notifying visitors that the site was being retooled because of a security breach that jeopardized customers’ credit card data.
(3/4/2014) Reacting to criticism from customers that upgrading from Windows XP was "impossible," Microsoft today announced it would give away a limited migration tool to help people move to a newer operating system.
(2/27/2014) University warns students and recent grads of possible data exposure
(2/27/2014) Malicious apps contained in the Google Play store have grown 388 percent between 2011 and 2013, according to a report from RiskIQ, an Internet security services company.
(2/21/2014) The widespread security breach reportedly compromised 40 million credit and debit cards, which are costing banks a pretty penny to reissue.
(2/21/2014) Microsoft on Wednesday issued a stopgap defense that protects Internet Explorer 9 (IE9) and IE10 against ongoing attacks until the company issues a patch, probably in three weeks.
(2/21/2014) For the second time this month, Adobe has addressed a zero-day vulnerability in its popular Flash Player.
(2/20/2014) More than 300,000 personal records for faculty, staff and students who have received identification cards at the University of Maryland were compromised in a computer security breach this week, school officials said.
(2/18/2014) Self-replicating worm program infects Linksys routers by exploiting an authentication bypass vulnerability
(2/17/2014) FireEye uncovers attacks emanating from a U.S. website just two days after Microsoft issued huge IE patch collection
(2/17/2014) Adobe and Microsoft today each issued patches to fix critical security flaws in their software.
(1/31/2014) Target said Wednesday that the hackers who attacked the company employed access credentials that were hardcoded into a product used by the retailer.
(1/31/2014) Yahoo suspects usernames and passwords were stolen from an unidentified third-party database
(1/29/2014) Kim Komando from The Kim Komando Show talks about this online threat, a watering hole attack is where hackers slip malicious code into a legitimate site.
(1/29/2014) Due to a theft of unencrypted laptops at Coca-Cola, around 74,000 current and former employees at the company may be at risk of identity theft or fraud.
(1/29/2014) Multiple sources in the banking industry say they are tracking a pattern of fraud on cards that were all recently used at Michaels Stores Inc., an Irving, Texas-based arts-and-crafts retailer that maintains more than 1,250 stores across the United States.
(1/29/2014) Computerworld - Microsoft will be able to silently reach into Windows XP PCs for more than a year after it stops patching the aged OS to clean malware-infected machines, sources close to the company confirmed Friday.
(1/28/2014) NCSA is teaming up with Facebook to broadcast the Data Privacy Day Kick Off event live online for the world to watch. The live stream will be made available via NCSA’s Data Privacy Day Facebook page this morning starting at 11:20 a.m. ET.
(1/24/2014) Researchers have discovered a new Android malware family that disguises itself as a security app, and intercepts the incoming texts and calls of victims.
(1/22/2014) Now Reuters is reporting that cyberintelligence firm IntelCrawler has unearthed evidence pointing toward at least six ongoing schemes at U.S. merchants with credit card processing systems plagued by the same type of malicious software
(1/22/2014) Changes in Google Chrome extension ownership can expose thousands of users to aggressive advertising and possibly other threats, two extension developers have recently discovered.
(1/8/2014) This January, the National Cyber Security Alliance is partnering with Reputation.com and the Rape, Abuse & Incest National Network (RAINN) to empower survivors of domestic violence and sexual assault by offering tools and resources that will help survivors gain control of their digital footprint and protect their personal information.
(1/7/2014) Security researchers have uncovered evidence of a new piece of malware that may be able to take gigabytes' worth of data hostage unless end users pay a ransom.
(1/7/2014) A manufacturer of broadband and wireless networking equipment may be the link that ties together a number of Wi-Fi routers that contain backdoors, some of which are vulnerable to remote attacks, according to a researcher.
(12/27/2013) An Israeli security team says a vulnerability in Samsung's Knox security platform enables malicious software to track e-mails and record data communications.
(12/20/2013) The breach, which was first reported by security journalist Brian Krebs on Wednesday, continued through December 15 and may have affected all locations nationwide. Customers who shopped through Target’s online storefront are not believed to have been affected.
(12/19/2013) Target said Thursday that the credit and debit card information of as many as 40 million customers was compromised over three weeks of the holiday shopping season — one of the largest breaches ever of American consumer data.
(12/17/2013) Horizon Blue Cross Blue Shield of New Jersey (BCBSNJ) began sending notification letters to more than 800,000 members on Dec. 6, alerting them that their personal information may have been compromised after two unencrypted laptops were stolen from the insurance provider's Newark headquarters about one month prior.
(11/27/2013) Twitter is the latest to implement "forward secrecy," a cryptographic technique that should stymie even the NSA.
(11/18/2013) Security updates for Flash Player addressed two critical vulnerabilities that could cause the software to crash and potentially allow a saboteur to take control of an exploited system, Adobe revealed in a bulletin.
(11/18/2013) Microsoft today issued security updates to fix at least 19 vulnerabilities in its software, including a zero-day flaw in Internet Explorer browser that is already being actively exploited.
(11/7/2013) Comments One federal agency is replacing workforce security awareness tutorials with real world hack attempts to test employee reflexes.
(11/5/2013) Computerworld - Google on Thursday expanded malware blocking in an early development build of Chrome to sniff out a wider range of threats than the browser already recognizes.
(11/1/2013) The recent data breach at Adobe that exposed user account information and prompted a flurry of password reset emails impacted at least 38 million users, the company now says.
(11/1/2013) Microsoft yesterday again put the scare into Windows XP users, telling them that after April 8, 2014, the chance that malware will infect their PCs could jump by two-thirds.
(10/29/2013) A malicious software program found in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec.
(10/21/2013) Windows 8.1’s new device encryption treats your x86-based Windows tablet or laptop more like an ARM-based tablet or smartphone. Rather than requiring a user or system administrator to enable it, your device’s boot partition comes encrypted out of the box
(10/15/2013) A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device's settings, a serious security problem that could be used for surveillance.
(10/15/2013) Beginning Jan. 8, Yahoo will enable encryption by default for users logging into its Web-based mail service, the company has told The Washington Post.
(10/14/2013) While much has been said of the A7 chip in the new iPhone 5S — arguably the “world’s first consumer ARM-based [system-on-a-chip]” — its associated new M7 coprocessor was surprisingly under-hyped, by both industry media and Apple
(10/14/2013) Just this past weekend, for instance, department store chain Nordstrom said it found a half-dozen of these skimmers affixed to registers at a store in Florida.
(10/14/2013) Adobe has released security updates for its popular Reader and Acrobat products for Windows users.
(10/4/2013) Adobe Systems Inc. is expected to announce today that hackers broke into its network and stole source code for an as-yet undetermined number of software titles, including its ColdFusion Web application platform, and possibly its Acrobat family of products
(10/4/2013) LinkedIn has closed the door on four cross-site scripting (XSS) vulnerabilities, which could have been used to ultimately steal credentials from users.
(10/1/2013) Have you noticed the Google URL in your browser's address bar now has an HTTPS in front? That is because the internet and technology services giant announced earlier this week that every search will now go over secure sockets layer (SSL), something its account members – those with Google accounts – have been benefiting from since 2011.
(9/30/2013) If you appear to pirate on an AT&T connection, your service may be terminated.
(9/30/2013) Oracle added a feature in Java that lets companies control what specific Java applets are allowed to run on their endpoint computers, which could help them better manage Java security risks.
(9/6/2013) Microsoft today said it will ship 14 security updates next week to patch critical vulnerabilities in Internet Explorer (IE), Windows, Office and SharePoint, its enterprise collaboration platform.
(8/30/2013) McAfee announced today that it has sponsored a report with IHL Group, a global research and advisory firm specializing in technologies for the retail and hospitality industries, to assess retailer security and the approaches used to safeguard retailer transactional systems.
(8/30/2013) Facebook received more than 25,000 requests from governments about its users during the first half of 2013, with nearly half of those requests coming from U.S. law enforcement and related agencies, the company said.
(8/30/2013) "Media is going down..." That's what the Syrian Electronic Army (SEA) tweeted Tuesday, as the pro-Assad hacker collective announced domains belonging to The New York Times, Huffington Post U.K., and Twitter were compromised.
(8/23/2013) The Food and Drug Administration (FDA) has issued new guidance on the radio frequencies of wireless medical devices, including recommendations for authentication and encryption measures to ensure the security of the device and the safety of the patient.
(8/23/2013) Google on Tuesday shipped Chrome 29, patching 25 vulnerabilities and rolling out under-the-hood changes the company said would offer more relevant suggestions when users typed in URLs or search strings.
(8/23/2013) The insurer for Midwestern supermarket chain Schnucks, whose systems were hacked last winter to steal 2.4 million credit card numbers, is claiming in court that the grocer's policy doesn't cover the cost of lawsuits arising from the breach.
(8/16/2013) Microsoft has issued security updates to fix at least 23 distinct vulnerabilities in its Windows operating systems and other software.
(8/16/2013) The Washington Post acknowledged today that a sophisticated phishing attack against its newsroom reporters led to the hacking of its Web site, which was seeded with code that redirected readers to the Web site of the Syrian Electronic Army hacker group.
(8/13/2013) Not long after the Windows-targeting banking trojan KINS hit the market, saboteurs have introduced new financial malware capable of infecting Linux users.
(8/8/2013) Researchers have unearthed another malicious app exploiting a critical vulnerability in Google's Android OS that allows attackers to inject malicious code into legitimate programs without invalidating their digital signature.
(7/31/2013) More than 1,200 apps published to the official Google Play app store in the past seven months have been designed by "one-click fraud" scammers. But a new variation on that scam now involves many more clicks than just one.
(7/31/2013) Gas pump skimmers are getting craftier. A new scam out of Oklahoma that netted thieves $400,000 before they were caught is a reminder of why it’s usually best to pay with credit versus debit cards when filling up the tank.
(7/31/2013) Three White House staffers have had their personal Gmail accounts breached in what appears to be a malicious operation directed at the team responsible for the Obama administration's social media outreach, according to individuals familiar with the incident.
(7/26/2013) The recent attack against Apple's Web site for developers has prompted a flood of phishing e-mails asking people to change their passwords.
(7/26/2013) Five men from Russia and Ukraine have been indicted in New Jersey for charges they conspired with each other in a worldwide hacking scheme targeting major corporate networks that compromised more than 160 credit card numbers, the U.S. Department of Justice announced.
(7/16/2013) A new version of a file-infecting malware program that's being distributed through drive-by download attacks is also capable of stealing FTP (File Transfer Protocol) credentials, according to security researchers from antivirus firm Trend Micro.
(7/16/2013) After being ordered to pay $100,000 to the state of Indiana after a major breach of customer data, an Indianapolis-based health insurer faces another costly payout – a $1.7 million settlement with the U.S. Department of Health and Human Services (HHS).
(7/10/2013) Patch Tuesday will feature seven security bulletins, including six with the highest severity rating of "critical."
(7/5/2013) About a month ago, Atlantic Media Chief Technology Officer Tom Cochran blasted out a faux phishing email to all 450 email addresses in the company directory. The results, he said, should be something of a wake-up call.
(6/25/2013) Google is trying to better protect the users of its Chrome Web Store from malicious browser apps and extensions. As is already the case in the Google Play Android apps store, content uploaded to the Chrome Web Store will now also be automatically scanned for malware.
(6/25/2013) NSA, FBI, DOJ officials tell Congress secret programs are vital to U.S. security; outline ways to keep sysadmins from leaking classified data
(6/21/2013) LinkedIn's domain name was temporarily redirected to a third-party server Thursday, which resulted in a service outage and potentially put user accounts at risk of compromise.
(6/21/2013) Federal authorities said today that, since June 2010, they have seized more than 1,700 domains that allegedly breached intellectual property rights.
(6/21/2013) The United States and Russia have signed a landmark agreement to reduce the risk of conflict in cyberspace through real-time communications about incidents of national security concern.
(6/18/2013) BlackBerry has released an advisory that describes a critical privilege/permissions vulnerability in BlackBerry 10 OS.
(6/11/2013) Researchers say they have discovered a sophisticated trojan that targets Android smartphones
(6/7/2013) It plans to patch 23 vulnerabilities, including 19 in a critical update for all versions of Internet Explorer
(6/7/2013) A botnet infrastructure believed responsible for stealing more than a half-billion dollars from individuals and organizations worldwide has been crippled, Microsoft announced Wednesday evening.
(6/3/2013) Months after a secret e-mail search controversy at Harvard College, Evelynn M. Hammonds announced on Tuesday that she will step down as dean on July 1, according to a statement posted online.
(6/3/2013) Drupal.org has reset account passwords after it found unauthorized access to information on its servers.
(5/29/2013) Google will update its certificate infrastructure and has, as a precaution, warned of potential problems.
(5/15/2013) Malicious browser extensions are trying to hijack Facebook profiles, according to a warning from Microsoft's Malware Protection Center.
(5/10/2013) 33 fixes will also include patches for the IE10 Pwn2Own vulnerabilities
(5/10/2013) A Denver-based domain name provider has suffered a breach where customers' personal data, including encrypted passwords and credit card information, was compromised.
(5/7/2013) At least 18 Alaskan students are accused of using a phishing scam to gain control over the computers at their middle school.
(4/30/2013) An update to the Google Play Store contains mostly minor tweaks except for one security fix: apps are no longer allowed to bypass the Play Store when updating.
(4/26/2013) Getting hacked on Twitter is fast becoming a rite of passage for big corporations, but Tuesday's attack on the Associated Press could be a tipping point and shows that social networks must do more to keep their users safe, security experts said.
(4/26/2013) Microsoft is now issuing a replacement patch for a fix that was shelved two weeks ago after customers reported problems resulting after they installed it.
(4/23/2013) Researchers have discovered a new family of malware that found its way into legitimate apps inside Google's official store thanks to a malicious advertising network.
(4/19/2013) Microsoft today announced that it is rolling out optional two-factor authentication to the 700 million or so Microsoft Account users, confirming last week's rumors.
(4/19/2013) Thirteen popular home and small office routers contain security problems that could allow a hacker to snoop or modify network traffic, according to new research.
(4/18/2013) Microsoft is urging users to who haven’t installed it yet to hold off on MS13-036, a security update that the company released earlier this week to fix a dangerous security bug in its Windows operating system.
(4/18/2013) The Schnucks supermarket chain struggled for two weeks to find the source of a breach after being alerted to a possible leak of credit card info by its card processing company. During that time, Schnucks apparently continued exposing the debit and credit card data of people who shopped at its stores.
(4/18/2013) Unidentified hackers are said to have have launched a large-scale attack against WordPress blogs and any hosts using weak passwords are urged to update them immediately.
(4/12/2013) System administrators and IT security pros can take bit of a breather: Microsoft issued a comparatively light set of patches for this edition of its monthly release of software vulnerability fixes.
(4/12/2013) A New Jersey hospital can now pursue a subpoena that would require an internet service provider (ISP) to hand over information potentially identifying at least one person accused of hacking into its email server.
(4/12/2013) A rash of breaches at companies that develop online videogames has resulted in digital certificates being stolen from the companies and used in attacks targeting other industries and political activists.
(4/12/2013) The United States' budget for the 2014 fiscal year will include increased spending on cybersecurity defenses.
(4/5/2013) Harvard University President Drew Faust has ordered a comprehensive review of the university's email privacy polices amid disclosures that a secret search of some deans' email accounts by administrators was broader than originally acknowledged.
(4/5/2013) This is an advance notification of security bulletins that Microsoft is intending to release on April 9, 2013.
(4/2/2013) A flaw in the widely used BIND DNS (Domain Name System) software can be exploited by remote attackers to crash DNS servers and affect the operation of other programs running on the same machines.
(3/29/2013) Security researchers have discovered what appears to be the first known sighting of in-the-wild Android malware that's been designed to conduct targeted attacks.
(3/26/2013) A former student of Cal State University in San Marcos, Calif., pleaded guilty to wire fraud, access device fraud and unauthorized use of a computer after being accused of stealing the identities and passwords of 745 students to rig campus elections.
(3/22/2013) A new Mac OS X Trojan is making the rounds, installing an adware plug-in that renders ads on Web pages to generate revenue for its author.
(3/22/2013) Several high-profile Xbox Live accounts for former and current Microsoft employees were compromised by attackers using social engineering techniques, the company said late Tuesday.
(3/12/2013) Apple has finally fixed a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications.
(3/11/2013) Microsoft today announced it will deliver seven security updates next week, four of them rated "critical," to patch Internet Explorer (IE), Windows, Office, SharePoint Server and the Silverlight media software.
(3/11/2013) The Federal Trade Commission is cracking down on affiliate marketers that allegedly bombarded consumers with hundreds of millions of unwanted spam text messages in an effort to steer them towards deceptive websites falsely promising “free” gift cards.
(3/5/2013) Users of Apple's Safari browser will be blocked from using unpatched Adobe Flash software following a new security update.
(3/1/2013) A new cyber-espionage campaign dubbed MiniDuke used the recent Adobe Reader zero-day exploit
(3/1/2013) There is a silver lining to the rash of revelations about cyberintruders cracking into the networks of marquee U.S. corporations.
(2/27/2013) The website of the US television network NBC, NBC.com, has been hacked and the computers of visitors to it have been infected with malware.
(2/27/2013) The software giant said it was hit with a similar hack to that used against Facebook and Apple
(2/19/2013) Adobe on Saturday said it would release an emergency patch for two Reader zero-day vulnerabilities this week.
(2/19/2013) Facebook says it was recently hacked, though it says no data about its more than a billion users was compromised.
(2/19/2013) BlackBerry has published details of critical vulnerabilities in components of its BlackBerry Enterprise Server (BES). The holes allow attackers to execute arbitrary code on systems running BlackBerry Enterprise Server.
(2/19/2013) The Chinese military hacking group that has stolen huge amounts of data from U.S. organizations is one of some 20 active cyberspying groups engaging in comparable data theft and espionage.
(2/8/2013) Microsoft and Symantec worked with US and Spanish officials to take down the Bamital click-fraud botnet which has been operating since at least 2009 and was, at one point, made up of more than 1.8 million compromised systems.
(2/8/2013) There are millions of vulnerable Android phones in the hands of consumers today because wireless phone carriers and phone hardware makers refuse to transmit existing software security fixes to phones in a timely manner, according to a security researcher.
(2/4/2013) For the second time in a month, Apple has effectively blacklisted the current version of the Java Web plugin on OS X.
(2/4/2013) Cites security, stability reasons for move to turn on 'click-to-play' for all but the latest Flash
(1/28/2013) Some 57,000 patients seen at the Palo Alto, Calif.-based Lucile Packard Children's Hospital have been notified of a potential HIPAA-breach after an unencrypted company laptop containing patient medical information was stolen from a physician's car Jan. 9.
(1/28/2013) Printers that use popular print server software sold by Hewlett-Packard are vulnerable to attacks that can bypass built-in biometric defenses, recover previously printed documents and crash all vulnerable machines attached to a network.
(1/22/2013) Researchers have discovered two security holes in a popular mobile app used to track sports news and scores, leaving users vulnerable to having their data exposed.
(1/22/2013) The long-awaited HIPAA omnibus rule was posted by the Department of Health and Human Services (HHS) on the Federal Register public inspection desk yesterday.
(1/18/2013) Researchers have exploited critical vulnerabilities in two popular medical management platforms used in a host of services, including assisting surgeries and generating patient reports.
(1/18/2013) Seculert researchers identified a Java exploit and corresponding attack pages on Red October command and control servers
(1/18/2013) Less than 24 hours after Oracle patched a dangerous security hole in its Java software that was being used to seize control over Windows PCs, miscreants in the Underweb were already selling an exploit for a different and apparently still-unpatched zero-day vulnerability in Java, KrebsOnSecurity has learned.
(1/8/2013) A Hayden, Idaho-based hospice is the first health care organization to be fined for sustaining a breach that affected fewer than 500 individuals.
(1/4/2013) California and Illinois on Tuesday joined four others in becoming the union’s only states barring employers from demanding that employees fork over their social-media passwords.
(12/28/2012) Approximately 4,000 patients at the University of Michigan Health System (UMHS) have been notified this December that their personal health information has been compromised, UMHS officials announced.
(12/21/2012) FCC publishes 10-step plan for securing mobile devices and their data
(12/18/2012) Developer finds vulnerability in Exynos 4-powered devices, including the Galaxy S2 and Galaxy Note, that bypasses system permissions, letting data be extracted from RAM or malicious code be injected.
(12/12/2012) Identity theft is more rampant in health care than any other U.S. industry, according to the Ponemon Institute's third-annual report on patient privacy and data security.
(12/4/2012) The FBI is investigating a breach at Nationwide Insurance, where hackers recently accessed the sensitive information of about one million people, including policy and non-policy holders.
(12/4/2012) Antivirus vendors are warning customers of a spreading malware that can infect computers through a well-known bug in the Windows AutoRun software used to automatically launch programs on a DVD or USB device.
(12/3/2012) Google has updated the Stable, Beta and Developer Channels of the desktop version of its Chrome browser with a number of bug fixes and improvements.
(11/20/2012) Facebook has finally started using HTTPS by default, following a 2010 FTC demand and in the distant footsteps of Google, Twitter, and Hotmail.
(11/16/2012) Months after being notified of a vulnerability described as "child's play" to exploit, Skype has temporarily addressed the issue by disabling password resets.
(11/16/2012) Adobe pulls down the forum for its video conferencing service, Adobe Connect after a hacker breached its security and leaked information, including password hashes, on 150,000 users.
(11/13/2012) Microsoft is prepping six patches that will rectify 19 vulnerabilities in Windows, Internet Explorer, Office and the .NET Framework.
(11/13/2012) Many users are waiting a month or more to apply important security updates that can protect them from exploits and malware.
(11/6/2012) The social network corrects a flaw over the weekend that could potentially have put over a million accounts at risk of being accessed by unauthorized users.
(11/6/2012) Forcing secured connections protects the privacy and security of users and their data, Mozilla said
(11/2/2012) The Homeland Security Department has created a new fellowship program designed to attract recent college graduates into cybersecurity careers.
(10/29/2012) Payment terminals at 63 stores in eight states compromised; unknown number of customers affected
(10/25/2012) You can't go anywhere online without a password these days. You certainly can't play many games without one. The problem, though, is that most of us just aren't very password-creative. Hackers delight in posting usernames and passwords online when they raid a database. To prove the point -- and to help us all make better password decisions -- SplashData compiles an annual list of the most common (and therefore, the worst) passwords from those listings.
(10/12/2012) Confidential information of nearly 300,000 students, faculty, and employees is accessed in hack, education officials warn.
(10/12/2012) Mozilla re-released Firefox 16 today after pulling the browser from distribution Wednesday when one of its developers found a critical bug that could be used by attackers to hijack machines.
(10/10/2012) A malicious worm spreading through Skype instant messages threatens to take control of a victim's machine and hold its contents for ransom.
(10/10/2012) Adobe today issued a surprise update for Flash Player that patched 25 critical vulnerabilities in the ubiquitous media software.
(10/10/2012) Security researchers at RSA warned Thursday that a sophisticated plan is being hatched online to raid the bank accounts of customers at some 30 banks in the United States.
(10/8/2012) Google is issuing a warning similar to one it had sent in June to tens of thousands of Gmail users to inform them that their accounts may be targeted by hackers.
(10/8/2012) Single critical update will fix serious flaws in Office 2007, 2010 on Windows that hackers could use to hijack PCs
(10/8/2012) The agency puts a halt to six such tech support cons, part of a larger effort to stop phony tech support companies from scamming consumers.
(9/28/2012) Adobe takes action after finding malware signed with the Adobe certificates.
(9/26/2012) Microsoft has released an emergency update for Internet Explorer that fixes at least five vulnerabilities in the default Web browser on Windows, including a zero-day flaw that miscreants have been using to break into vulnerable systems.
(9/26/2012) Apple has released updates for versions 10.6 (Snow Leopard), 10.7 (Lion) and 10.8 (Mountain Lion) of its Mac OS X operating system that close a number of critical security holes.
(9/24/2012) Using this exploit attackers can take full control of a Galaxy S3 smartphone, researchers demonstrated
(9/18/2012) Google browser users should see support for privacy setting that turns off tracking cookies related to ads, by year's end.
(9/18/2012) HD Moore, maker of Metasploit, urges users to ditch IE7, IE8 and IE9 until Microsoft fixes critical flaw
(9/14/2012) The version of the Adobe Flash plugin that's bundled with Internet Explorer 10 in Windows 8 is out of date, leaving users susceptible to exploitation.
(9/14/2012) According to data released by Gartner, worldwide spending on security is expected to rise to $60 billion in 2012, up 8.4 percent from $55 billion in 2011.
(9/11/2012) Gang that attacked Google in 2009 has continued operating, stealing sensitive data via zero-day attacks and compromising target companies' business partners.
(9/11/2012) The White House is circulating a draft of an executive order aimed at protecting the country from cyberattacks, The Hill has learned.
(9/7/2012) As enterprises expand their roll-outs of mobile applications, the Federal Trade Commission wants them to be mindful of the privacy and security ramifications that go along with these advancements.
(9/4/2012) Three high-severity holes have been fixed in Google's latest stable channel update to the Chrome web browser.
(9/4/2012) Hackers created a malicious version of a legitimate Microsoft email announcement
(8/31/2012) A former programmer for Toyota has been accused of sabotaging applications on the car company’s network and stealing data after he was fired from his job last week, according to a civil complaint filed by the company.
(8/28/2012) Online file-backup and storage service Dropbox has begun offering a two-step authentication feature to help users beef up the security of their accounts.
(8/22/2012) European IP address authority RIPE NCC has reallocated two IP address blocks that were previously used by the DNSChanger malware. The FBI and the Internet Systems Consortium (ISC) had control over the addresses from last November through to mid-July of this year, in accordance with a US court order, as there was concern about a total blackout for private users' manipulated computers.
(8/20/2012) So what should you do to avoid being another one of these smart people to whom a bad thing could easily happen? You shouldn't allow yourself to be a lightning rod in the middle of the cloud.
(8/17/2012) A distributed denial-of-service attack aimed at AT&T's DNS (Domain Name System) servers has disrupted data traffic for some of the company's customers.
(8/15/2012) The U.S. Federal Trade Commission has approved a settlement with Facebook related to charges that the social networking leader deceived consumers regarding the privacy of their data.
(8/15/2012) As more patient records go digital, a recent hacker attack on a small medical practice shows the big risks involved with electronic files.
(8/14/2012) Training and education are key elements to securing users and data, because even the best technical solutions are incapable of protecting both in every situation.
(8/13/2012) Apple and Amazon have changed their policies about letting users update account information over the phone, after hackers successfully exploited flaws in both systems to gain access to a journalist's online accounts.
(8/13/2012) Google will pay a historic fine to settle U.S. government charges that it violated privacy laws when it tracked via cookies users of Apple's Safari browser.
(8/8/2012) Former Gizmodo reporter says device wipes and Twitter breaches occurred after an AppleCare technician fell victim to a bit of social engineering.
(8/8/2012) Reuters has suffered a second security breach in two days after hackers gained control of one of its Twitter accounts, the news agency revealed this morning.
(8/6/2012) The spam outbreak that last month flooded the inboxes of Dropbox customers has been traced back to a hacked employee account, company representatives said late Tuesday.
(8/1/2012) Crisis malware lets attackers install without an administrator password and intercept email, IM, and other communications.
(7/25/2012) Several major software companies, including Microsoft and Symantec, today kicked off what they called "International Technology Upgrade Week" in an attempt to persuade users to keep their code current.
(7/25/2012) Hackers are sending well-crafted malicious spam to customers of software vendor MapleSoft whose details were stolen in a recent data breach.
(7/20/2012) In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home.
(7/19/2012) NEW YORK (CNNMoney) -- Good news for your email inbox: You'll be seeing less spam in it now, thanks to a global takedown effort that knocked one of the world's biggest spammers offline this week.
(7/17/2012) Yahoo said Friday that it has fixed a security vulnerability that allowed hackers to seize roughly 450,000 unencrypted email addresses and passwords belonging to members of its content-sharing platform.
(7/13/2012) (CNN) -- Hackers posted online what they say is login information for more than 450,000 Yahoo users.
(7/13/2012) Google has published a new update to the stable 20.x branch of Chrome to close a number of security holes in the WebKit-based web browser.
(7/9/2012) This is an advance notification of security bulletins that Microsoft is intending to release on July 10, 2012.
(7/5/2012) In 10 days, there's a chance you will not be able to access the Internet on your personal computer. No email, no Facebook, no Google, no Twitter — nothing.
(6/29/2012) The Alaska Department of Health and Social Services (DHSS) will shell out $1.7 million to settle violations of the HIPAA Security Rule.
(6/29/2012) Hotel chain slammed for poor information security practices, leading to attackers obtaining 600,000 credit card numbers and committing millions of dollars in fraud.
(6/27/2012) One of the new features in the recent Firefox 13 release is raising security concerns from privacy-conscious users: when users open a new tab in version 13 of the open source web browser, they are presented a grid of the nine most visited pages, each with its own screenshot thumbnail.
(6/27/2012) Data Security Bill is fourth attempt to craft a national law to supersede legislation now on the books in more than 40 states. But it's weaker than some state laws.
(6/25/2012) An unpatched vulnerability in the Microsoft XML Core Services (MSXML) is being exploited in attacks launched from compromised websites to infect computers with malware, according to security researchers from antivirus vendor Sophos.
(6/25/2012) A malware campaign targeting AutoCAD drawings uncovered by security researchers at ESET could be a massive case of industrial espionage.
(6/19/2012) MacRumors reports that, according to the release notes of the developer preview version of iOS 6, the operating system will request explicit user permission when an application attempts to access contacts, calendars, reminders and photos.
(6/19/2012) According to a new report, some companies that have fallen victim to hacking attacks have gone as far as hiring security firms to hack back.
(6/15/2012) Microsoft Security Bulletin Summary for June 2012
(6/15/2012) Hackers might have stolen the personal information of individuals who applied for a merchant account with card payment processor Global Payments.
(6/12/2012) Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.
(6/11/2012) With the July 9 Web apocalypse nearing for computer owners infected with the malicious DNSChanger malware, the social network reaches out to tell them how to clean their machines.
(6/1/2012) The House Financial Services Committee is slated to hold a hearing this Friday on the impact of cyber heists against small- to mid-sized businesses.
(5/29/2012) Google has begun warning visitors to its search engine if they are infected with the DNSChanger malware, and providing them with a link to disinfection instructions.
(5/23/2012) Malware writers use Crossrider browser extension development framework to build Facebook worm.
(5/16/2012) Fraud experts are encouraged to see banks joining forces with law enforcement to fight cybercrime. But as online attackers become increasingly organized, financial institutions may find themselves fighting even tougher battles.
(5/11/2012) Twitter has attempted to assure its users after reports circulated of 55,000 accounts being hacked and login credentials publicly disclosed.
(5/11/2012) The FBI is warning individuals who travel abroad that cybercriminals are installing malware through bogus software updates when users connect to the internet in their hotel rooms.
(5/8/2012) Microsoft cuts Chinese firewall company Hangzhou DPTech Technologies from Microsoft Active Protections Program (MAPP) for its role in disclosure of Windows Remote Desktop (RDP) flaw.
(5/8/2012) Apple on Monday pushed out a security update for its mobile operating system, iOS, to patch four vulnerabilities.
(5/2/2012) Microsoft has issued a temporary fix for a scary and potentially disastrous Hotmail vulnerability that could allow hackers to erase your email password, set up their own and take over your account.
(5/2/2012) Virtualisation specialist VMware is warning customers about multiple security holes in versions 4.0 and 4.1 of its ESX enterprise-level computer virtualisation product.
(4/27/2012) The effort to clean up the DNSChanger malware attack is seeing renewed focus as the rogue DNS server shutdown deadline approaches on July 9.
(4/27/2012) In its latest Security Intelligence Report, Microsoft says weak passwords and unpatched systems conspire to let the three-year-old Conficker worm continue to propagate.
(4/25/2012) The developers of the popular open source blog engine WordPress have released a security update for the software.
(4/25/2012) Firefox 12, set to release Tuesday, sidesteps Windows' UAC
(4/20/2012) Netflix's chief executive has accused Comcast of abandoning net-neutrality rules by exempting one of its products from monthly caps on data usage.
(4/18/2012) In a set of recent updates to Mac OS X, Apple patched a vulnerability in Java that had allowed a malware infection known as Flashback to spread to some 700,000 of its computers. Now, a new backdoor Java threat called SabPub has reared its head, validating Apple's aggressive measures to block issues due to the plugin.
(4/16/2012) Scammers are out in force as the tax filing deadline approaches. Here are some of the most common scams to be on the lookout for.
(4/16/2012) Oracle is planning to release 88 patches on Tuesday, covering vulnerabilities affecting a wide array of its products, according to a pre-release announcement posted to its website on Thursday.
(4/16/2012) Apple battens down the security hatches by requiring users to create security questions and identify a backup e-mail address.
(4/10/2012) When the authorities send a subpoena to Facebook for your account information, what do they receive? Here is a document showing the pages and pages of data Facebook hands over.
(4/10/2012) Those cool mobile devices beloved by consumers carry deep-rooted security flaws that are only now being discovered and addressed.
(4/3/2012) Credit card processing company Global Payments has confirmed that a vulnerability within its system led to the theft of up to 1.5 million credit card records.
(3/23/2012) Google yesterday patched nine vulnerabilities in Chrome in the sixth security update to Chrome 17, the edition that launched Feb. 8.
(3/23/2012) A group of U.S. Internet service providers, including the four largest, have committed to taking new steps to combat three major cybersecurity threats, based on recommendations from a U.S. Federal Communications Commission advisory committee.
(3/16/2012) Mozilla yesterday reiterated that it's still working on silent updates for Firefox, and said it should have the Chrome-like service in place by early June.
(3/16/2012) Microsoft issued six patches on Tuesday, but in particular, it focused on warning firms to expedite applying a fix for a critical vulnerability that will likely be exploited quickly by online criminals.
(3/16/2012) Among the most recent, reported by Trusteer, a Boston-based provider of secure web access services, are two online banking fraud schemes designed to defeat the one-time-password (OTP) authorization systems used by many banks.
(3/14/2012) Researchers last Friday unveiled zero-day vulnerabilities in Google's Chrome and Mozilla's Firefox during the final day of two hacking challenges that awarded $210,000 to contestants.
(3/14/2012) Secunia publishes information on two vulnerabilities in browser after Apple reportedly fails to provide status updates
(3/7/2012) For the second time in less than a month, Adobe has issued an update to fix dangerous flaws in its Flash Player software. The patch addresses two vulnerabilities rated “critical,” but Adobe says it is not aware of active attacks against either flaw.
(3/7/2012) Google yesterday patched 14 vulnerabilities in Chrome and handed out a record $47,500 in rewards to researchers, including $30,000 for "sustained, extraordinary" contributions to its bug-reporting program.
(3/7/2012) Sen. Charles Schumer says the companies should be investigated after it was revealed that private information is available in apps running on iOS and Android.
(2/29/2012) How do you stop a software pirate? Valve Software managing director and co-founder Gabe Newell has said that it's an issue of quality of service: Provide potential gamers a service and value greater than that which they could achieve by piracy, and they'll purchase a title instead of downloading it.
(2/28/2012) Users aren't patching problem-plagued remote access program; up to 5K point-of-sale systems at risk
(2/17/2012) A new version of the Waledac malware has been spotted on the Internet, but unlike previous variants, which were mainly used for spamming purposes, this one steals various log-in credentials and BitCoins, a type of virtual currency.
(2/17/2012) Adobe Wednesday announced the release of a new version of its Flash player that fixes seven security flaws, one of which is already being targeted via zero-day attacks. Adobe has recommended that all users immediately install the Flash player update.
(2/14/2012) Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10.
(2/14/2012) AT&T customers surprised by 'unlimited data' limit
(2/10/2012) The General Services Administration on Tuesday released extensive new details on FedRAMP, the federal government's new standardized approach to vetting the security of cloud computing services, taking an important step toward launching the program.
(2/3/2012) Symantec says hotfix 'eliminates known vulnerabilities,' but hackers could use source code to exploit unknown holes. Some users will want to delete the app entirely.
(2/3/2012) Attackers targeted executives in the defense industry and government officials with fake invitations to conferences to install the MSUpdater Trojan to steal sensitive data.
(2/3/2012) Apple released its first security update for 2012 and the first major update for OS X Lion. Apple released 39 patches addressing 52 CVE issues and revoked DigiCert Malaysia.
(2/3/2012) Google has quietly announced changes to its Blogger free-blogging platform that will enable the blocking of content only in countries where censorship is required.
(1/31/2012) Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player.
(1/31/2012) Companies such as Facebook, Google and PayPal are pushing for widespread use of a new technical specification, DMARC, that could make it harder for phishers to reach their victims.
(1/27/2012) Critical vulnerability disclosed Monday was actually fixed earlier this month
(1/27/2012) National Institute of Standards and Technology urges government and private sector users not to leave cloud security to providers or service arrangements.
(1/27/2012) Symantec is advising users of its pcAnywhere remote access product to disable the software if they don't absolutely need it.
(1/25/2012) Unauthorized database access prompted DreamHost to reset the FTP and shell access passwords of its customers
(1/23/2012) The justices have not squarely addressed the student-speech issue as it applies to the digital world — one filled with online social-networking tools such as Facebook, Twitter, MySpace and others. The issue before the justices tests whether public schools may discipline students who, while off campus, use social-networking sites to mock school officials.
(1/18/2012) Online clothing shop Zappos.com reset the passwords of over 24 million customers after security breach
(1/11/2012) As companies and users engage in shared ownership of devices and data, there's no clear answer on the right legal approach
(1/11/2012) Google last week patched Chrome 16 and improved the download warnings in the impending Chrome 17.
(1/9/2012) Mystery of the month, say experts, is what Microsoft means by 'security feature bypass' update
(1/9/2012) A pervasive worm has expanded its reach to now steal login and password details for Facebook users, warned security vendor Seculert, which found a server holding 45,000 login credentials.
(1/9/2012) Jailbreakers may find it more difficult to find pirated apps from the App Store thanks to Apple's latest legal maneuvers. The company has reportedly been sending DMCA takedown notices to Apptrackr, a popular service for tracking down cracked apps, in order to try and cut off pirated app downloads at the source.
(1/3/2012) A few companies pay money to bug hunters. But Facebook is giving out something more unique than just a check. Some security researchers are getting a customized "White Hat Bug Bounty Program" Visa debit card.
(1/3/2012) The SANS Institute announced today that Department of Homeland Security National Cyber Security Division and Idaho National Laboratory have won the 2011 U.S. National Cybersecurity Innovation Award for building Cybersecurity skills needed to defend the power grid and other control systems.
(12/27/2011) HP has released a firmware update for some of its LaserJet printers, aimed at mitigating the risk posed by a vulnerability disclosed in late November.
(12/27/2011) In what may be its most devastating attack since HBGary, the Anonymous hacktivist collective rooted the database of security intelligence firm Stratfor to plunder a claimed 200 gigabytes of data.
(12/27/2011) In a study of 31 mobile operators in Europe, Morocco and Thailand, Karsten Nohl, a Berlin hacker and mobile security specialist, found that many operators provided poor or weak protection from illicit surveillance and identity theft.
(12/21/2011) Top finishers among competitors from more than 150 high schools around the country won more than $6,000 in scholarships in this fall’s Cyber Foundation competition.
(12/13/2011) The public could be allowed to copy DVDs onto their tablets and unlock video-game consoles to run home-brewed games if regulators side with public interest groups’ new requests to amend federal intellectual-property law.
(12/13/2011) Tuesday's monthly security update, to be released around 1 p.m. EST, will come with three "critical" and 11 "important" bulletins to plug holes in Windows, Office, Internet Explorer, Publisher and Windows Media Player.
(12/13/2011) FedRAMP program will require that all federal agencies only use cloud providers that meet its security standards
(12/7/2011) The unpatched vulnerability in Yahoo Messenger allows attackers to change other people's status messages automatically
(12/7/2011) It's the third lawsuit to be filed since privacy controversy started last week
(12/5/2011) The House Intelligence Committee approved a bill encouraging telecommunications companies including Verizon Communications Inc. (VZ) and Comcast Corp. (CMCSA) to share data on hacker attacks with the U.S. government.
(11/30/2011) On one of the busiest online shopping days of the year, the Justice Department announced that it shut down 150 Web sites selling counterfeit goods ranging from sports jerseys to handbags to the popular P90X exercise program. The operation was part of a campaign launched last year that has targeted more than 350 sites visited by millions of consumers.
(11/29/2011) USB sticks remain a big security weakness for UK organisations with many employees using drives without permission and not bothering to report their loss, a Ponemon Institute study has found.
(11/28/2011) U.S. health officials delay enforcement until March 31, 2012
(11/9/2011) Recently Apple announced to developers that beginning in March 2012, all applications submitted to the Mac App Store will require support for Apple's sandboxing routines.
(11/7/2011) WASHINGTON, Nov. 3, 2011 /PRNewswire-USNewswire/ -- The SANS Institute announced today that the Federal Bureau of Investigation and the U.S. Attorney General's Office have won the 2011 U.S. National Cybersecurity Innovation Award for their innovative techniques in cyber law enforcement using the computer virus' own command and control system to disable the malicious software.
(10/31/2011) FBI security rules are holding up the Los Angeles Police Department's move to Google Web-based email and office applications, according to contractors.
(10/27/2011) A group of researchers have found a way to tie Skype users to their peer-to-peer networks in order to identify who might be responsible for sharing files on Bit Torrent and other P2P networks
(10/21/2011) Oracle Corp. released a critical update to plug at least 20 security holes in versions of its ubiquitous Java software. Nearly all of the Java vulnerabilities can be exploited remotely to compromise vulnerable systems with little or no help from users.
(10/21/2011) Malware authors have updated a Mac trojan to disable the anti-malware protection Apple has built into its OS X platform, researchers warned this week.
(10/14/2011) The Zeus financial malware has been updated with peer-to-peer functionality that makes it much more resilient to take-down efforts and gives its controllers flexibility in how they run their fraud operations.
(10/14/2011) Today, the greater threat is the digital theft of competitive information or technical data by outside hackers or unscrupulous employees, speakers at an FBI-sponsored event on energy security said Wednesday.
(10/11/2011) Google isn’t reinventing the wheel with a new feature it is testing that allows any two computers using its Chrome browser to connect with each other.
(10/11/2011) Security specialist Niklas Femerstrand has discovered a hole on the American Express web site that attackers can use to steal, among other things, the login data of credit card customers.
(10/10/2011) Stanford Hospital & Clinics this week blamed a third party billing contractor for a data breach that exposed the personal data of some 20,000 patients.
(10/5/2011) Google updated Chrome over the weekend to help users affected by Microsoft's errant flagging of the browser as malware.
(10/5/2011) Researchers have discovered a serious data leak on HTC's Android smartphones because of problems in how information is logged and stored.
(10/3/2011) Facebook has said that it has "fixed" cookies that could have tracked users after they logged out of the site.
(10/3/2011) The Firefox developers are currently discussing whether to disable Oracle's Java plug-in as a potential workaround for the recently disclosed SSL/TLS vulnerability.
(9/28/2011) ISACA today weighed in on how geolocation apps are catching on with mobile device users.
(9/28/2011) Hot on the heels of last week's Mac malware posing as a PDF is a new piece of malware posing as something even more insidious: a Flash player installer.
(9/28/2011) The U.S. Cyber Challenge (USCC) today announced the winners of its latest Cyber Quests, a national online competition allowing participants to demonstrate their knowledge in a variety of information security disciplines.
(9/28/2011) The website for the open-source MySQL database was hacked and used to serve malware to visitors Monday.
(9/26/2011) Legislation aimed at protecting the nation’s financial networks and power grids from computer hackers and safeguarding consumer data online won approval from a U.S. Senate panel in a party-line vote.
(9/21/2011) Sony quietly updated its terms of service (.pdf) last week to require online gamers to agree to waive their right to any class-action lawsuit in order to log in to their network accounts.
(9/21/2011) Oracle on Thursday issued an emergency patch to fix a flaw, known as “Apache Killer,” that could allow attackers to crash its HTTP Server products based on Apache 2.0 or 2.2.
(9/16/2011) Intercepts text messages bank use as secondary authentication for account access.
(9/16/2011) Microsoft is including a beefier version of its malware protection in Windows 8.
(9/14/2011) Microsoft has removed the AVG Mobilation for Windows Phone 7 virus scanner from its marketplace as doubts had been raised about its functionality and compliance with data protection regulations.
(9/13/2011) Microsoft and Adobe are both planning to release security updates on Tuesday, the companies announced.
(9/13/2011) The Obama administration is seeking tougher sentences for people who are found guilty of hacking or other digital offenses, two officials said Wednesday.
(9/13/2011) A medical privacy breach at Stanford University’s hospital in Palo Alto, Calif., led to the public posting of medical records for 20,000 emergency room patients, including names and diagnosis codes, on a commercial website for nearly a year, the hospital has confirmed.
(9/6/2011) Hackers who obtained a fraudulent digital certificate for Google may have actually obtained more than 200 digital certificates for other top internet entities such as Mozilla, Yahoo and even the privacy and anonymizing service Tor.
(9/6/2011) But Linux geeks say that the kernel source code is secure. As Linux fans know, there are two kinds of hackers: the good guys who develop free software, such as the Linux kernel, and the bad guys who break into computers.
(8/31/2011) A first-of-its-kind worm is currently spreading in the wild via Windows Remote Desktop Protocol (RDP), security firms have warned.
(8/31/2011) The over-100-years-old Boys & Girls Clubs of America join the DHS "Stop.Think.Connect." campaign, a national effort to achieve a higher level of internet security by educating Americans at home, in the workplace and in communities.
(8/29/2011) Developers of the Apache open-source project today warned users of the popular Web server software that a denial-of-service (DoS) tool is circulating that exploits a bug in the program.
(8/29/2011) Twitter is to begin switching user sessions to https by default.
(8/24/2011) Yale University has notified about 43,000 faculty, staff, students and alumni that their names and Social Security numbers were publicly available via Google search for about 10 months.
(8/22/2011) Cyber thieves stole $217,000 last month from the Metropolitan Entertainment & Convention Authority (MECA), a nonprofit organization responsible for operating the Qwest Center and other gathering places in Omaha, Nebraska.
(8/22/2011) AT&T has accused two Utah men of carrying out a data mining scheme, using automatic dialing programs to harvest information from its customer database and costing the company more than $6.5 million.
(8/22/2011) The man who said he had fixed a bomb around a girl's neck handed his name to police ... on a flash drive.
(8/17/2011) Adobe on Friday acknowledged that as many as 80 bugs in Flash Player were reported by a Google security engineer as it defended its decision not to spell out details of the vulnerabilities.
(8/17/2011) A malicious Android app that disguises itself as Google's new social networking platform, Google+, is capable of stealing data, and answering and recording incoming phone calls, researchers said this week.
(8/15/2011) European consumers are used to this drill, but now Visa is putting its muscle behind increased security measures in the United States.
(8/10/2011) On Wednesday I wrote that many of the top fake antivirus distribution programs had ceased operations, citing difficulty in processing credit card transactions from victims
(8/8/2011) Security experts at CA have discovered a new piece of malware for Google's Android mobile operating system which secretly records phone conversations.
(8/8/2011) Microsoft today said it will ship 13 security updates next week to patch 22 vulnerabilities in Internet Explorer, Windows, Visio and Visual Studio.
(8/2/2011) A California man was sentenced to 12 years and seven months in prison Thursday for his role as the brains behind a widespread phishing scam that took in more than 38,000 victims.
(8/2/2011) Criminals for the past several weeks have been exploiting Amazon's Simple Storage Service (S3) cloud offering to spread SpyEye malware, according to researchers at anti-virus firm Kaspersky Lab.
(8/1/2011) Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money from their accounts to a cyber thief’s account.
(8/1/2011) The major Hollywood studios, backed by the Motion Picture Association, persuaded a judge to order BT to block all access to suspected pirate site Newzbin2.
(8/1/2011) Three winners walked away from the United States Cyber Challenge Regional Cyber Security Boot Camp at MU with $1,000 scholarships.
(7/28/2011) Google announced today it is instituting a malware warning system on its search results page to alert users to the possibility that their computer is infected.
(7/28/2011) According to Passware, the latest version of Mac OS X has a "vulnerability" that allows login passwords to be exposed while the Mac is locked or in sleep mode.
(7/27/2011) Comcast says it is revamping the software that new customers need to install to start service with the ISP.
(7/27/2011) Rogelio Hackett Jr., 25, of Lithonia, Ga., was sentenced today to 120 months in prison by U.S. District Judge Anthony J. Trenga in Alexandria, Va., for trafficking in counterfeit credit cards and aggravated identity theft, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division and U.S. Attorney Neil H. MacBride for the Eastern District of Virginia.
(7/22/2011) In a recent report, the Treasury Department Inspector General for Tax Administration reprimanded the Internal Revenue Service for failing to notify taxpayers in a timely way — if at all —when the tax agency inadvertently exposed their personal information.
(7/22/2011) Google has started alerting users running Windows about a specific form of local malware it can detect through network traffic flows.
(7/22/2011) Apple today updated Safari to version 5.1, patching 58 security vulnerabilities and adding several new features, including sandboxing on Mac OS X 10.7.
(7/19/2011) Oracle is planning to issue 78 patches covering a number of its software products on Tuesday, including 13 fixes for its flagship database, according to a statement posted to its website on Thursday.
(7/19/2011) A security consultant has notified Skype of a cross-site scripting flaw that could be used to change the password on someone's account, according to details posted online.
(7/15/2011) Several AV vendors report that, after targeting Symbian, BlackBerry and Windows Mobile devices, a variant of the ZeuS online banking trojan now also infects Android smartphones.
(7/8/2011) Google has hidden more than 11 million URLs from its search results as part of its ongoing effort against search spam.
(7/5/2011) Google this week added an anti-phishing feature to Gmail that automatically displays the sender's address for some messages.
(6/29/2011) Citigroup suffered about $2.7 million in losses after hackers found a way to steal credit card numbers from its website and post fraudulent charges.
(6/29/2011) Film-makers are going to court in a bid to block access to a site that links to pirated versions of popular movies
(6/24/2011) Daniel J. Fowler, 21, of Kansas City, Mo., pleaded guilty before U.S. Magistrate Judge John T. Maughmer to the charges contained in a Nov. 18, 2010, federal indictment. In addition to the computer hacking conspiracy, Fowler also pleaded guilty to one count of computer intrusion causing damage (computer hacking).
(6/21/2011) The attacks exploit the critical Flash Player bug that Adobe patched June 14 with its second "out-of-band," or emergency update, in nine days.
(6/21/2011) Attackers are now actively exploiting one of the 11 Internet Explorer (IE) vulnerabilities patched Tuesday by Microsoft, a Symantec researcher said Friday.
(6/20/2011) Microsoft on Tuesday released 16 software updates to fix at least 34 security vulnerabilities in its Windows operating systems and other software.
(6/20/2011) Over 360,083 credit card accounts in North America of Citigroup were affected as a result of a compromise of its card account management website in May, the bank said in an update on Wednesday.
(6/7/2011) Hacker group LulzSec releases 150,000 Sony Pictures records, including usernames and passwords, in latest setback for consumer electronics giant.
(6/7/2011) The largest experiment in the 40-year history of the Internet will take place on Wednesday, as hundreds of Web sites test a new standard called IPv6 that can support vastly more devices with faster, lower-cost connectivity than today's technology.
(6/3/2011) Tennessee lawmakers have passed a bill that would make sharing log-in information, including usernames and passwords, illegal within the state's borders, the Associated Press reports.
(6/3/2011) Sony has completed its restoration of the PlayStation Network and Qriocity music service after a data breach forced a shutdown in April.
(6/3/2011) Facebook seems unable to stop scammers from circulating malicious Web links that install fake antivirus software on victims' computers.
(5/27/2011) Criminals recently spent more than a week siphoning e-mail messages from Hotmail users' accounts, thanks to a programming bug in Microsoft's website.
(5/27/2011) A security researcher in Italy has discovered a flaw in Internet Explorer that he says could enable hackers to steal cookies from a PC and then log onto password-protected Web sites.
(5/25/2011) Facebook has introduced a new authentication feature designed to help users better protect their accounts from being hijacked by password-stealing miscreants.
(5/24/2011) Password reset issues cause network downtime, but no new hacks occurred, company says.
(5/24/2011) The U.S. Congress needs to pass new laws to protect smartphone customers from having their locations tracked by operating systems and applications, members of a Senate subcommittee said Thursday.
(5/18/2011) Dropbox, the wildly popular online storage system, deceived users about the security and encryption of its services, putting it at a competitive advantage, according to an FTC complaint filed Thursday by a prominent security researcher.
(5/18/2011) Scammers are trying to trick Windows users into paying to fix bogus hard drive errors that have apparently erased important files, a researcher said today.
(5/4/2011) 'Rogueware' plague expands from Windows to Mac OS, tries to dupe Apple users into paying $60-$80
(5/4/2011) In the wake of the Sony PlayStation Network outage, Sony has taken down another arm of its online gaming offerings.
(5/2/2011) FBI warns that small- to midsize businesses are being targeted in an attack that so far has bilked companies' accounts of millions of dollars and wired the money to Chinese companies.
(5/2/2011) A Sony spokesman said Thursday that the credit card numbers belonging to millions of PlayStation Network (PSN) and Qriocity users were encrypted when they potentially were compromised by hackers.
(5/2/2011) Contingency plans kept Bizo and Mashery up and running during the Amazon service outage, offering lessons to other cloud-based businesses.
(4/29/2011) We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network.
(4/26/2011) The FBI has raided the Los Angeles apartment of a Screen Actors Guild member the bureau believes was first to upload the Oscar-winning movie The King’s Speech as well as Black Swan, and other in-theater-only films to the Pirate Bay in January, according to interviews and sealed court records obtained by Wired.com
(4/26/2011) Apple is facing a class action suit over the location data that two security researchers recently publicized
(4/26/2011) Many companies nowadays tend to claim they were the victims of an advanced persistent threat instead of admitting their security systems failed. As a result APTs have become overhyped.
(4/22/2011) Apple Inc.'s iPhones and Google Inc.'s Android smartphones regularly transmit their locations back to Apple and Google, respectively, according to data and documents analyzed by The Wall Street Journal—intensifying concerns over privacy and the widening trade in personal data.
(4/18/2011) Senators John Kerry (D-Mass.) and John McCain (R-Ariz.) on Tuesday introduced "The Commercial Privacy Bill of Rights Act of 2011," a bill designed to protect people's personal information.
(4/13/2011) Computerworld - A new Trojan tries to extort money from users by convincing them to dial international telephone numbers to reactive Windows, a security researcher said today.
(4/5/2011) Phishers use all kinds of come-ons to lure their victims. But one persistent piece of spam tries to trick people by offering an upgrade to Adobe Acrobat
(4/5/2011) Marketing company Epsilon is reporting a data breach that could affect the email addresses of thousands of customers of major banks, retail and hotel chains.
(4/1/2011) Junk mail down 1/3 since Rustock botnet takedown, But Bagle does brisk business
(3/29/2011) Oracle's MySQL.com customer Web site was compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site's users.
(3/29/2011) A new survey shows U.S. consumers are shockingly lax about basic security on their mobile phones.
(3/25/2011) The latest version of Mozilla's Firefox web browser, version 4, was released this week with a number of new security features, including a mechanism for preventing web-based attacks.
(3/23/2011) Great cyber story, read more about Microsoft's take down of Rustock Botnet.
(3/21/2011) Twitter announced on Wednesday that it will give its users the option to always automatically connect to Twitter.com using HTTPS, which encrypts communications between users' computers and Twitter servers.
(3/21/2011) Rustock, one of the largest and most notorious spam botnets, suddenly fell silent Wednesday and has remained off line.
(3/15/2011) Microsoft on Monday was set to launch the latest version of its Internet Explorer Web browser at an evening event at the South by Southwest tech and media fest in Austin, Texas
(3/15/2011) The U.S. Federal Trade Commission has closed the book on its legal action against Twitter, stemming from two 2009 hacking incidents where high-profile Twitter users -- including President Barack Obama -- lost control of their accounts.
(3/14/2011) Apple on Wednesday issued security updates for its Safari 5 web browser and iOS mobile operating system to address dozens of vulnerabilities.
(3/14/2011) The latest complaint argues Google's disclosures are inadequate because nobody reads lengthy legal documents.
(3/14/2011) The phony version of the Android Market Security Tool was found by Symantec on China-based, third-party Web sites that are not sanctioned by Google.
(3/8/2011) Google has pulled more than 50 malware-infected apps from its Android Market, but hasn't yet triggered automatic uninstalls of those programs from users' phones, security experts said today.
(3/1/2011) Experts are debating the level of risk posed by what appears to be a new malware variant targeting Mac OS X users.
(3/1/2011) HHS hits Cignet with $4.3M penalty; Mass. General settles for $1M
(2/25/2011) A new banking trojan targeting U.S. customers has the ability to keep online account sessions open after customers believe they have logged off, enabling criminals to surreptitiously steal money, according to researchers at web security firm Trusteer.
(2/23/2011) Should ISPs be the ones who keep hacked PCs off the Internet? Microsoft's chief security executive used to think so, but now he's had a change of heart.
(2/18/2011) The White House is proposing a big increase in cybersecurity research and development in next year's budget to improve, in part, its ability to reduce the risk of insider threats and ensure the safety of control systems such as those used at power plants.
(2/18/2011) U.S senators will introduce legislation this year targeting Web sites that traffic in digital piracy or counterfeited goods, said the primary sponsor of a controversial bill proposed in 2010 that would give government agencies more authority to shut down those sites.
(2/16/2011) "Operation Broken Hearted" protects consumers from counterfeit Valentine's Day goods
(2/16/2011) Mozilla on Tuesday rolled out the eleventh beta of Firefox 4, adding the "Do Not Track" feature it touted three weeks ago to the browser.
(2/9/2011) A company that is helping the federal government track down cyberactivists who have been attacking business which refused to support Wikileaks has itself been hacked by the very same activists.
(2/9/2011) SAN FRANCISCO — Two U.S. congressmen continued to press Facebook on the privacy front Wednesday, questioning the company's plan to make users' addresses and mobile phone numbers available to third-party sites and application developers.
(1/28/2011) The operator of an alleged "scareware" scheme, using deceptive advertising to trick Internet users into buying software to fix their supposedly infected computers, will pay the U.S. Federal Trade Commission US$8.2 million to settle a complaint brought by the agency
(1/28/2011) Facebook announced Wednesday it would begin supporting a feature to protect users from having their accounts hijacked over Wi-Fi connections or snooped on by schools and businesses.
(1/26/2011) The tide in cybercrime is shifting away from attacks on Windows machines and migrating to the mobile marketplace, according to a just released yearly report from Cisco.
(1/26/2011) Google and Mozilla this week proposed new tools to help consumers gain more control over ad tracking cookies.
(1/21/2011) First spotted almost three months ago, the Boonana Trojan stood out because of its capability to infect both computer running Windows and those running Mac OS X.
(1/20/2011) Facebook is now offering applications access to users' mobile phone and addresses, though sharing must be approved by users.
(1/11/2011) The big news of Mac OS X 10.6.6's release is clearly the Mac App Store, but that's not the only change that came in the latest version of Snow Leopard. In addition, Apple nipped a pair of bugs and closed a security hole.
(1/11/2011) Microsoft will issue two security bulletins on Tuesday, January 11 to fix three vulnerabilities.
(1/6/2011) Cybercriminals hacked into the database of American Honda Motor Co., Inc. stealing the names, e-mail addresses and Vehicle Identification Numbers (VIN) of 2.2 million car owners.
(1/6/2011) A malware-laced e-mail that spoofed seasons greetings from The White House siphoned gigabytes of sensitive documents from dozens of victims over the holidays, including a number of government employees and contractors who work on cybersecurity matters.
(1/3/2011) Hackers are exploiting a vulnerability in Microsoft Word to plant malware on Windows PCs, Microsoft said Tuesday.
(12/30/2010) Department of Veterans Affairs staff have been using Google and Yahoo tools without the agency's knowledge, raising privacy, security concerns.
(12/28/2010) An escrow firm in Missouri is suing its bank to recover $440,000 that organized cyber thieves stole in an online robbery earlier this year, claiming the bank’s reliance on passwords to secure high-dollar transactions failed to measure up to federal e-banking security guidelines.
(12/22/2010) Bank of America has joined the growing list of financial and technology companies that have cut off services to WikiLeaks, a move that comes amid speculation that the whistleblower site is preparing to release information about the bank.
(12/22/2010) The breach of a Web server that housed payment card data for a New York tourism company's website highlights security gaps in cardholder data protection.
(12/22/2010) Michael Copps, the swing vote at the U.S. Federal Communications Commission for a set of network neutrality rules, said Monday he will vote for the proposal
(12/17/2010) Ohio State University is notifying about 760,000 people whose personal information was stored in the university’s computer server that a data breach could put them at risk for identity theft.
(12/16/2010) DoubleClick, the Google-owned ad technology, has been distributing malware in an online ad served through a number of websites, according to the security researcher who says he discovered the attack.
(12/6/2010) You may soon be able to stop advertisers from tracking your every move online if the Federal Trade Commission's call for a "Do Not Track" option becomes a reality.
(11/24/2010) Adobe today released Reader X, the next version of its popular software that includes a "sandbox" designed to protect users from PDF attacks
(11/24/2010) The Kroxxu botnet is believed to have affected over one million web users.
(11/24/2010) Google patched a vulnerability Nov. 20 that allowed someone to send spam to Gmail users.
(11/19/2010) Adobe has issued an out-of-band fix for a vulnerability in Reader and Acrobat that is being actively exploited.
(11/19/2010) Apple has released a couple of updates for Safari that address a few stability and performance issues with the program, as well as increase the accuracy and relevance of the Top Sites results and Address autofill information.
(11/17/2010) A malicious worm is creeping around Windows Live Messenger 2009, but Microsoft has already taken steps to stop its spread.
(11/17/2010) Researchers at the Information Warfare Monitor project -- a collaboration between Canadian security firm SecDev and the University of Toronto's Citizen Lab -- over the weekend helped take down three of the command-and-control servers, aka motherships, responsible for the Koobface botnet.
(11/17/2010) A data breach at Holy Cross Hospital in Ft. Lauderdale, Fla., resulted in the theft of sensitive information concerning 1500 patients who visited the hospital’s emergency room.
(11/9/2010) A hacker at Washington State University gave students and information-technology staff members another reason to remember the Fifth of November this year.
(11/8/2010) The military command in charge of defending Department of Defense networks against cyber attacks is fully operational, about a month later than expected.
(11/8/2010) Microsoft will issue three security bulletins on Tuesday, November 9. One of the bulletins is rated critical; the other two are rated important.
(10/29/2010) Apple has said that it is aware of a vulnerability in its iPhone that will be fixed in a software update next month.
(10/29/2010) HONOLULU – The Social Security numbers, grades and other personal information of more than 40,000 former University of Hawaii students were posted online for nearly a year before being removed this week.
(10/28/2010) NCSA and Norton by Symantec released their annual Online Safety Study sometimes referred to as the home user study.
(10/27/2010) Facebook (News - Alert) is introducing plans to encrypt user IDs and has come up with other safety precautions after press reports surfaced about privacy concerns on the popular social media service.
(10/25/2010) Three Java vulnerabilities have been the target of more than 6 million attacks in the third quarter of 2010, Microsoft reported.
(10/15/2010) Microsoft blamed human error after two computers on its network were hacked and then misused by spammers to promote questionable online pharmaceutical websites.
(10/15/2010) In future Facebook users will be able to receive a one time login password as a mobile phone text.
(10/13/2010) Criminals who use the Zeus banking crimeware may be working on an new angle: corporate espionage.
(10/12/2010) Thieves hit point-of-sale terminals in Aldi grocery stores in 11 states.
(10/12/2010) Test run of open-source Digital Vote by Mail system exposed some serious flaws
(10/8/2010) Five people have been detained in Ukraine in connection with online bank fraud in which US $70 million was stolen from the bank accounts of US small and mid-sized businesses, municipalities and other organizations over the last year-and-a-half.
(9/24/2010) Intel threatened legal action Friday against anybody who uses its proprietary crypto key — leaked on the internet
(8/31/2010) Agency cites upgrades to LimeWire software that aim to prevent inadvertent P2P file sharing
(8/27/2010) Vulnerability disclosures have reached record levels, with 4,396 new vulnerabilities documented in the first half of 2010 -- a 36% increase over the same period last year.
(8/27/2010) A recent flurry of iTunes customers' reports that their accounts must have been hacked and used to execute purchases via PayPal that occasionally total up to thousands of dollars, has raised the question of whether Apple's App Store has again suffered a breach.
(8/23/2010) A data management firm has lost hospital records, containing a wide array of personal information, that belonged to hundreds of thousands of people.
(7/9/2010) Recent wave of university hacks nationwide exposes vestiges of former practice of using social security number as identifiers.
(6/21/2010) Due to their ever-growing popularity, social networks have been a continuous target of cybercriminals to proliferate their malicious schemes. TrendLabsSM received samples of another Facebook spam, this time also taking advantage of the popular micro-blogging site, Twitter.
(6/11/2010) Watch out for this new online phishing scam which uses 'tab napping' to attack your computer - and your finances...
(10/15/2009) The latest scam simply uses the popular social networking site as a scapegoat while leading users to outside malicious sites.
(10/15/2009) Research in Motion (RIM) has shipped a fix for a serious security vulnerability that exposes BlackBerry users to phishing attacks.
(4/16/2009) Examples of how easy it might be for someone to crack the passwords you use.
(4/16/2009) World's first iPhone worm Rick-Rolls Wallpaper.
(4/16/2009) Passwords leaked,a good example for changing your password and changing them often.
(4/16/2009) Security researchers have discovered a new kind of phishing threat for online banking customers, which they have dubbed a ¿Chat-in-the-Middle¿ attack.
(4/16/2009) Are social networks hurting or helping your students? You might be surprised at the results of a recent study.
(4/16/2009) Article about iPhone app that helps locate sex offenders, families using to help protect their families.
(4/16/2009) Text messaging scam hits Columbia.
(4/16/2009) Facebook has agreed to give users more control about the information they share with third-party applications.