More and more cybercrime surveys are mislabeled as studies, security company PR gets reported as news, reliable stats on cybercrime are elusive, and it's almost impossible to tell realistic threats from headline trends.
Intransigent sort-of hacker collective Lizard Squad is back. Apparently. Sky News reports that...
Who should Ashley Madison blame for the theft of it's information, former CEO Noel Biderman or...
There is a lot to be said about understanding the scope of an incident - including how quickly...
In-flight security made quite a lot of headlines earlier this summer, but this time at unusual angle. Aviation has always been focused on safety and had remained the most secure industry that ever existed. However, the buzz was about another aspect of security — the one quite surprising for an average passenger and quite expected for an IT specialist.
Last week, we saw the group behind a significant amount of Angler exploit kit (EK) switch to Neutrino EK. We didn't know if the change was permanent, and I also noted that criminal groups using EKs have quickly changed tactics in the past. This week, the group is back to Angler EK.
Hacked online cheating service AshleyMadison.com is portraying itself as a victim of malicious cyber criminals, but leaked emails from the company’s CEO suggests that AshleyMadison’s top leadership hacked into a competing dating service in 2012.
It appears the original intention of the Ashley Madison hackers was to expose what they see as fraud perpetrated on the users of the Ashley Madison website - not a moral crusade. But they might just end up making a lot of money for class-action lawyers.
Authorities across the United States this week arrested dozens of gang members who stand accused of making millions of dollars stealing consumer identities in order to file fraudulent tax refund requests with the Internal Revenue Service (IRS). The arrests highlight the dramatic shift in gang activity in recent years from high-risk drug dealing to identity fraud — a far less risky yet equally lucrative crime.
The criminal justice system has a problem, and its name is forensics. This was the message I heard at the Forensic Science Research Evaluation Workshop held at the AAAS headquarters in Washington, D.C.
Why would Pawn Storm, the long-running cyberespionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What is their connection to other targets?
Remember those cracked Uber accounts that were selling for as little as $1 on the dark web a few months ago? Well, welcome to the Midsummer Madness Sale: prices have been slashed, and now, they're going for the low, low price of only 40 cents!
Today, we’ll look at the stranger-than-fiction true tale of an American firm that lost $197,000 in a 2013 cyberheist, only to later recover most of the money after allegedly plying Chinese authorities with a carton of cigarettes and a hefty bounty for their trouble.
The National Security Agency (NSA) is paying to build backdoor security into the Internet of Things (IoT). (Granted, it's not like we can presume that the NSA wouldn't build in backdoors, given the history of backdoors in iPhones, iPads, and routers, et al. But as Naked Security's Mark Stockley pointed out at the time, why would the NSA bother to build in backdoors when so many IoT devices are wide open anyway?)
I’ve been doing a lot of reverse engineering and very often there’s this common thing coming up: I would really like to have a tool for this because I need to look at this particular API, or look at what would happen if I do this vs that, etc. It’s quite a lot of work to build a tool from scratch, and existing tools aren’t really suitable for the iterative reversing kind of use-case.
Law enforcement agents in recent years have been crawling all over the Dark Web to track down its seediest denizens: terrorists, pedophiles, gun-runners, drug dealers, sex traffickers and other serious criminals. From an outsider's perspective, law enforcement agencies' efforts seem to be paying off.
Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how riskier it is if a hacker can do all this remotely, especially now that a number of fuel companies worldwide use Internet-connected systems to monitor their tanks.
For nearly a week, Yahoo sustained a malvertising attack that seems to point to further security concerns with Adobe's Flash platform.
Hardly a week goes by without a news story about state-sponsored Chinese cyberspies breaking into Fortune 500 companies to steal intellectual property, personal data and other invaluable assets. Now, researchers say they’ve unearthed evidence that some of the same Chinese hackers also have been selling access to compromised computers within those companies to help perpetuate future breaches.