Prolific researcher Kafeine today called for Windows users to disable Adobe Flash Player in the wake of his discovery of an exploit for a previously unknown Flash flaw being packaged with a notorious crimeware kit.
Almost once a week, I receive an email from a reader who has suffered credit card fraud and is...
If you enjoy reading up on what's new in computer security as you sup on your first coffee of...
For more than two decades, law enforcement agencies have used data to figure out crime patterns and target “hot spots” in communities. Now a growing number of police departments are going further by making some of that information available to the public online.
Malvertising accounts for huge amounts of cyber fraud and identity theft. Yet there is still no consensus on who is responsible for addressing these threats.
Crooks with stolen usernames and passwords have broken into customer accounts at United and American Airlines and gotten away with booking free trips or upgrades.
Assessing DHS performance 12 years after its creation, a new Federal report called "A Review of the Department of Homeland Security's Missions and Performance" contains a blistering summary on the state of DHS cybersecurity practices and programs.
Some 96 percent of organizations across 20 different vertical industries suffered some form of cyber attack in the first half of last year.
The newly-discovered "Skeleton Key" malware is able to circumvent authentication on Active Directory systems, according to Dell researchers.
The online attack service launched late last year by the same criminals who knocked Sony and Microsoft’s gaming networks offline over the holidays is powered mostly by thousands of hacked home Internet routers, KrebsOnSecurity.com has discovered.
I sometimes get questions about showing attachments in Apple iDevice messaging databases. The questions, however, seem to come at a time when I don’t have any databases on hand to study the issue. Well, this week I stumbled on the chats.db during an exam of a MacBook Air.
I recently analyzed a malicious document, by opening it on a virtual machine; this was intended to simulate a user opening the document, and the purpose was to determine and document artifacts associated with the system being infected.
Whether it’s a suspected forgery, a threatening letter or a questionable signature, investigators are always looking for the most effective methods of linking a questioned document to its author.
Change is one of the only constants in incident response. In time most things will change; technology, tools, processes, and techniques all eventually change. The change is not only limited to the things we rely on to be the last line of defense for our organizations and/or customers.
Japanese police believe that the majority of bitcoins stolen from Mt. Gox was due to insider tampering, a new report claims.
Right back to the 1980s, when computer viruses first appeared in any number, people have been asking, "Can malware and hackers cause giant physical disasters?"
The world's oldest — and Europe's largest — hacker organization The Chaos Computer Club is proving its mettle with the talks at this year's 31c3: A New Dawn.
The core members of a group calling itself “Lizard Squad” — which took responsibility for attacking Sony’s Playstation and Microsoft‘s Xbox networks and knocking them offline for Christmas Day — want very much to be recognized for their actions. So, here’s a closer look at two young men who appear to be anxious to let the world know they are closely connected to the attacks.