Bebe Stores Hit By Credit Card Breach
It's not yet clear whether the breach is still ongoing or how long it lasted.
Canada Revenue Agency Exposes Affluent Taypayers' Financial Data
Details on charitable donations and home addresses were sent to a reporter by mistake.
FBI Warns of Destructive Malware Attacks on U.S. Companies
The FBI warning appears to refer to last week's cyber attack on Sony Pictures Entertainment.
FIN4 Hacker Group Steals Insider Info from Public Companies
The group has targeted more than 100 leading companies since mid-2013, according to FireEye.
Syrian Electronic Army Hackers Deface Western News Sites
Victims included the Chicago Tribune, CNBC, the Dallas Morning News, the Los Angeles Times, the Guardian and the Independent.
Home Depot Breach Has Already Cost $43 Million
The company also says it 'expects to incur significant legal and other professional services expenses associated with the data breach' in the future.
Virgin Islands Banks Hit by Massive Security Breach
Debit card accounts at Scotiabank, Banco Popular and FirstBank were compromised.
Sony Pictures Entertainment Disabled by Cyber Attack
The company's corporate networks and email were taken offline following the attack.
Regin Malware Likely Came From Western Intelligence Agency
According to the Guardian, the leading suspects are the U.S., the U.K., or Israel.
Google Brings Open Source Security Gifts
Google isn't just about search anymore. In recent weeks it has announced multiple security projects including Santa for Mac.
Verisign Warns of Surge in Large-Scale DDoS Attacks
The number of attacks exceeding 10 Gbps grew by 38 percent from Q2 to Q3 2014.
Citadel Malware Now Targets Password Managers
The Trojan looks for processes linked to KeePass, Password Safe, and the neXus Personal Security Client.
Australian Government Data Breach Linked to Poor Security Training
Data from an Excel spreadsheet containing 9,250 asylum seekers' personal information was mistakenly embedded in a Word document published online.
HSBC Acknowledges Massive Payment Card Breach
2.7 million Turkish cardholders' names, HSBC account numbers, card numbers and expiration dates were exposed.
U.S. State Department Hacked
In response to the breach, the department's entire unclassified email system was shut down, with duty officers using Gmail accounts to communicate.
AT&T Stops Using 'Permacookies' to Track Customer Activity
Verizon, however, is continuing to insert the tracking data into its customers' Web traffic.
IBM Boosts Cloud Data Protection, Compliance
IBM has patented an invention that will help global businesses navigate complex regulatory landscape for cloud data.
Chinese Hackers Breach NOAA
NOAA didn't acknowledge the breach until weeks after the fact, according to the Washington Post.
Microsoft Buys Aorato to Boost Active Directory Security
Microsoft buys Aorato, the company that earlier this year disclosed a critical vulnerability in Microsoft's security.
Darkhotel APT Campaign Targets Traveling Executives
The campaign targets corporate executives via hotel Wi-Fi networks.
BrowserStack Hacked via Shellshock
The hacker leveraged his access to send an email to customers claiming the service was shutting down.
U.S. Postal Service Hacked, Over 800,000 Affected
The Washington Post reports that Chinese government hackers are believed to have been responsible for the attack.
Home Depot Breach Also Exposed 53 Million Email Addresses
The company has also acknowleged that the attackers leveraged a third-party vendor's user name and password to access Home Depot's network.
WireLurker Malware Infects Mac OS X, iOS Devices
The malware has already been downloaded more than 350,000 times.
Researchers Hack Contactless Visa Cards
'With just a mobile phone, we created a PoS terminal that could read a card through a wallet,' says lead researcher Martin Emms.
Capital One Acknowledges Insider Breach
An employee improperly accessed an undisclosed number of customers' names, account numbers and Social Security numbers.
Drupal Acknowledges Major SQL Injection Vulnerability
'You should proceed under the assumption that every Drupal 7 website was compromised,' a security advisory warns.
Hackers Hit Mobile Payment Solution CurrentC
The email addresses of an undisclosed number of participants in CurrentC's pilot program were stolen.
White House Network Hacked
While the unclassified network was breached, officials say there's no indication at this point that any data on the classified network was accessed.
18.5 Million Californians' Personal Data Exposed in 2013
That's an increase of more than 600 percent from 2012, according to state attorney general Kamala Harris.
Survey Finds Enterprises Struggling to Secure Data in the Cloud
Just 19 percent of IT pros are confident they know about all cloud computing applications, platforms or infrastructure in use in their organizations.
Backoff PoS Malware Infections Rising Steadily
The number of Backoff infections increased by 57 percent from August to September 2014, according to Damballa.
Verizon Wireless Uses 'Permacookies' to Track Customer Web Activity
The Electronic Frontier Foundation's Jacob Hoffman-Andrews says AT&T and Sprint may be using similar headers as well.
Oregon Employment Department Notifies 851,322 People of Data Breach
Those affected were notified two weeks after the breach was discovered.
Employee Error at Touchstone Medical Imaging Exposes 307,528 Patients' Personal Data
A folder containing billing information was mistakenly left accessible online.
Staples Investigates Possible Data Breach
Potentially affected locations include seven in Pennsylvania, three in New York City, and one in New Jersey.
Chinese Government Targets iCloud Users with MITM Attack
All Chinese visitors to iCloud.com are being directed to a fake page designed to steal login credentials.
Cost of Cybercrime in U.S. Reaches $12.7 Million per Organization
The number of cyber attacks per week surged by 176 percent over the past five years, according to the Ponemon Institute.
Forgotten Passwords Cost Companies $200,000 a Year
'Bottom line, it's time to kill passwords,' says Centrify CEO Tom Kemp.
Google Researchers Warn of POODLE SSL Vulnerability
Twitter immediately disabled SSL 3.0 support following the disclosure.
Hackers Claim Breach of 7 Million Dropbox Accounts
Dropbox says it wasn't hacked, and that any stolen login credentials came from breaches at other sites.
Kmart Stores Infected with Point-of-Sale Malware
The company says the infection came from 'a new form of malware that was undetectable by current anti-virus systems.'
Dairy Queen Acknowledges Major Credit Card Breach
Almost 400 locations are affected, exposing customer names, payment card numbers and expiration dates.
JPMorgan Hackers Also Hit Over a Dozen Other Financial Firms
Additional targets included Citigroup, HSBC, E*Trade, Regions Financial, ADP and Bank of the West, though it appears that no data was stolen.
Keeping SCADA Systems Secure
FireEye Turns Its Attention to SCADA industrial control systems.
Misconfigured Server Causes Massive Data Breach at MBIA
Account numbers and balances were exposed, along with detailed instructions on how to authorize new bank accounts for deposits.
Veracode Gears up for Security IPO
Veracode CEO explains what his company is doing now as he heads toward a public offering.
FDA Issues Cyber Security Guidance for Medical Devices
The guidance is intended to help device manufacturers mitigate security risks.
AT&T Acknowledges Another Insider Breach
An employee inappropriately accessed Social Security numbers, driver's license numbers, and Customer Proprietary Network Information (CPNI).
JPMorgan Data Breach Impacts 76 Million Households, 7 Million Businesses
'You were affected if you used the following Web or mobile services: Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile,' the company says.
Android, iOS Malware Targets Hong Kong Protesters
Lacoon researchers describe the iOS version of the malware as the 'first iOS Trojan linked to Chinese government cyber activity.'
Supervalu Hacked Again
Payment card account numbers may have been accessed, along with some cardholder names and expiration dates.
General Motors Appoints First Product Cybersecurity Officer
Mark Reuss, GM's vice president of global product development, says it's crucial to look at vehicle technology 'on a critical systems level.'
Japan Airlines Breach Exposes 750,000 People's Personal Data
Malware was installed on 23 company computers, seven of which were found to be sending data to a server in Hong Kong.
Jimmy John's Credit Card Breach Affects 216 Locations
Point-of-sale systems vendor Signature Systems says 108 independent restaurant locations are also affected.
Shellshock Bash Vulnerability: Worse Than Heartbleed
The flaw could 'allow a remote attacker to execute arbitrary code on an affected system,' according to US-CERT.
FBI, DHS Warn of Surge in Insider Threats from Disgruntled Employees
Attacks by disgruntled employees have cost companies as much as $3 million, according to a recent alert.
Data Breach at TripAdvisor's Viator Impacts 1.4 Million Users
880,000 customers' credit card information may have been exposed, along with another 560,000 customers' email addresses and encrypted passwords.
Employee Error Exposes Over 10,000 Patients' Personal Data
The data was mistakenly made accessible via Google searches between December 2013 and April 2014.
Home Depot Breach Affects 56 Million Credit Cards
The company says the cybercriminals had 'unique, custom-built malware' in place from April to September 2014.
Chinese Hackers Breached U.S. Military Contractors 20 Times in One Year
According to a recent Senate report, the U.S. Transportation Command was aware of only two of those breaches.
IT Employee Charged With $37 Million Bank Heist
Godswill Oyegwa Uyoyou allegedly provided a group of co-conspirators with access to Skye Bank's computer systems.
JPMorgan Hackers Accessed Info on 1 Million Customer Accounts
According to the New York Times, more than 90 of the bank's servers were affected by the breach.
Over 41 Percent of Healthcare Organizations Still Aren't Encrypting Endpoints
That's true despite the fact that a third of healthcare employees work outside the office or clinic at least once a week, according to Forrester.
Insider Credit Card Breach Leads to $400,000 Saks Shopping Spree
Six former Saks Fifth Avenue employees have been charged with grand larceny and identity theft.
Hacker Publishes 5 Million Gmail Addresses, Passwords
Google says the leaked credentials were not the result of a breach of its systems, and less than two percent of them would have worked for Gmail.
Phishing Attacks Target iCloud Users Following Celebrity Photo Breach
A recent McAfee study found that 80 percent of business users fell for at least one in seven phishing emails.
Dyreza Malware Now Targeting Salesforce.com Users
The company says it was recently alerted to the threat by one of its security partners.
Goodwill Data Breach Linked to Third-Party Vendor
Almost 900,000 payment cards appear to have been affected.
IBM Brings Bare Metal Intel TXT Security to Cloud
The cloud isn't just about virtual servers. The physical layer and its security still matter, which is why IBM is using Intel's Trusted Execution Technology.
Unencrypted Laptop Thefts Expose Personal, Medical, Financial Data
'The benefits of encryption have been known for some time, but companies just aren't doing it,' says SafeNet chief strategy officer Tsion Gonen.
Home Depot Credit Card Breach May Affect All U.S. Locations
The breach may have lasted for several months, making it potentially far more damaging than last year's three-week-long Target breach.
Apple Admits Celebrity Accounts Were Hacked, But Denies iCloud Breach
The company says the breaches were the result of 'a very targeted attack on user names, passwords and security questions.'
Mozilla Exposes 97,000 Bugzilla User Passwords
The users' email addresses and encrypted passwords were posted on a publicly accessible server for approximately three months.
Most Enterprises Can't Detect or Deter Insider Threats
In a recent survey, 61 percent of IT professionals said they can't deter or respond to insider attacks.
Dairy Queen Acknowledges Possible Credit Card Breach
The company hasn't yet determined how many locations may be affected.
Russian Hackers Breach JPMorgan Chase, Four Other U.S. Banks
The hackers stole gigabytes of sensitive data, though it's not clear whether the attacks were aimed at financial gain or cyber espionage.
Over 1,000 U.S. Businesses Infected with Backoff PoS Malware
A DHS advisory urges companies to work with IT, anti-virus vendors, managed service providers and PoS system vendors to check for vulnerabilities.
Three Quarters of South Korean Population Affected by Massive Data Breach
27 million names, resident registration numbers, account names and passwords were allegedly accessed by a Chinese hacker.
Sony Networks Taken Down by DDoS Attack
'We have seen no evidence ... of any unauthorized access to users' personal information,' the company stated.
Community Health Systems Breach Linked to Heartbleed Bug
Recent research by Venafi found that 97 percent of Global 2000 organizations' public servers remain vulnerable to Heartbleed.
U.S. Colleges and Universities Are Failing at Cyber Security
According to a recent BitSight report, the higher education sector is less secure than retail or healthcare.
UPS Store Acknowledges Credit Card Breach
Customer names, mailing addresses, email addresses and payment card information may have been accessed at 51 stores in 24 states.
Nuclear Regulatory Commission Hacked Three Times
At least two of the attacks were launched from overseas.
Chinese Hackers Breach Community Health Systems, 4.5 Million Affected
The hackers stole about 4.5 patients' names, addresses, birthdates, phone numbers and Social Security numbers.
Supervalu Admits Massive Supermarket Credit Card Breach
Potentially affected stores include Acme Markets, Cub Foods, Farm Fresh, Horbacher's, Jewel-Osco, Shaw's, Shop 'n Save, Shoppers and Star Markets.
Bank Faces Lawsuit Over $327,000 in Losses from Cyber Attack
Hackers stole the funds from TEC Industrial in 55 separate ACH drafts on May 10, 2012.
Password Manager LastPass Suffers Outage
A data center outage left the popular password management service inaccessible for several hours.
Computer Thefts Expose Over 45,000 Patients' Personal Data
Unencrypted computers containing the data were stolen from three different medical facilities.
Hackers Stole 2 Million Customer Records Per Day in Q2 2014
More than 175 million customers records were stolen in the second quarter of the year, according to SafeNet.
Breach at USIS Exposes Government Employees' Data
The company says the breach 'has all the markings of a state-sponsored attack.'
Cancer Clinic Employee Charged with Theft of Patient Data
More than 2,000 current and former patients may be affected.
Gambling Site Acknowledges Four-Year-Old Data Breach
649,055 customers' names, user names, mailing addresses, email addresses, phone numbers and birthdates were exposed.
CyberVor Breach Exposes 1.2 Billion User Names, Passwords
A Russian gang of fewer than a dozen hackers has collected more than 4.5 billion user records from over 400,000 websites and FTP sites.
Mozilla Exposes 4,000 Passwords by Mistake
A data sanitization process failed for 30 days, exposing 76,000 email addresses and 4,000 encrypted passwords.
US-CERT Warns of New Backoff Malware
The malware appears to have been responsible for several recent high-profile breaches, including those at Target, Neiman Marcus and Goodwill.
Chinese Hackers Hit Canada's National Research Council
The NRC says it'll take a year to develop a new secure IT infrastructure.
Tor Hacked
'Users who operated or accessed hidden services from early February through July 4 should assume they were affected,' says the project's co-founder.
IBM Expands Security Portfolio with CrossIdeas Acquisition
CrossIdea technology will give IBM more capabilities to evaluate and access risks.
Sony Settles Data Breach Lawsuit for $15 Million
The money will be paid to customers in the form of games and memberships.
Travel Agent Fined $255,000 for Data Breach
More than 1.1 million debit and credit card records were stolen from former Thomas Cook subsidiary Essential Travel.
New ThreatStream CEO Wants to Solve SIEM Challenge
ArcSight founder joins security vendor to fill gaps that SIEM doesn't solve.
European Central Bank Hacked
The hackers demanded a ransom after stealing 20,000 email addresses.
Six Charged in Connection with $1 Million StubHub Breach
Over 1,000 customer accounts were compromised and used to purchase more than 3,500 e-tickets, which were then resold.
New Phishing Campaign Targets LinkedIn Users
Recipients who click on links in the emails are redirected to a fake login page designed to steal email addresses and passwords.
Goodwill Industries Hit by Credit Card Breach
The breach may date back as far as the middle of 2013.
Hackers Leverage Russian Government Malware
Sentinel Labs researchers say the malware is so hard to detect it's 'virtually invisible.'
68 Percent of Employees Expose Critical Corporate Data by Mistake
That's happening even though 65 percent say it's their responsibility to protect that data.
IT Pros Report Surge in Concern About Ransomware
73 percent of respondents to a recent survey said they're very or extremely concerned about the impact of ransomware, up from 48 percent in January.
73 Percent of IT Staff Currently Have Unresolved Network Events
Forty-five percent of IT staff say they monitor network and application performance manually instead of using network monitoring tools.
Trusteer Warns of New Kronos Banking Trojan
The malware is currently being offered for sale online for $7,000 -- or $1,000 for a one-week trial.
LastPass Acknowledges Two Security Flaws
Researchers at UC Berkeley alerted the company to the flaws, and also found vulnerabilities in three competing solutions.
NCA, FBI, Europol Take Down Shylock Banking Malware
The malware, which was first uncovered in 2011, has infected more than 30,000 Windows PCs worldwide.
67 Percent of Critical Infrastructure Providers Were Breached Last Year
Still, only 28 percent say security is one of their organization's top five strategic priorities.
Laptop Thefts Expose Personal, Medical, Financial Data
A brokerage firm, a health district, a retirement community, a hospital and an oil change franchisee were all recently hit.
HotelHippo Shuts Down In Response to Vulnerability Disclosure
Site owner HotelStayUK says the security flaws were 'obviously completely unacceptable.'
Physical Location of Data Will Be Irrelevant By 2020
'The future will be hybrid,' says Gartner research vice president Carsten Casper.
Tutanota Encrypted Email Service Launches
'Email encryption is the best tool to stop mass surveillance on the Internet,' says company co-founder Matthias Pfau.
Most IT Pros Don't Know Where All Corporate Data Resides
Just 16 percent of IT and IT security professionals know the location of all of their sensitive structured data.
Dragonfly Cyber Attacks Breach Western Energy Companies
Symantec researchers say the campaign 'bears the hallmarks of a state-sponsored operation.'
163,000 Affected by Butler University Data Breach
Names, birthdates, Social Security numbers and bank account information may have been accessed.
World Cup Security Team Accidentally Reveals Wi-Fi Password
A photo published in a Brazilian newspaper clearly showed the network's SSID and password.
File Sharing Apps Pose a Significant Data Breach Threat
Forty-six percent of senior IT pros say data is leaking from their companies due to the use of file sharing services.
IT Managers Are Overconfident About Insider Breaches
While 63 percent think it's easy to govern access rights, 42 percent admit they aren't able to monitor or prevent insider breaches.
Researchers Uncover Crucial Security Flaw in Google Play
Columbia University's Jason Nieh and Nicolas Viennot found thousands of secret keys being stored in app software.
Yo Hacked, Hires Hacker
While the attack exposed some flaws in the app, Yo has exploded in popularity since the breach.
Code Spaces Destroyed by Cyber Attack
A hacker deleted most of the company's data, backups, machine configurations and offsite backups.
Security Researchers Warn of New Dyre Banking Trojan
The malware, also called Dyreza, is designed to bypass SSL and steal login credentials.
Email Breaches Expose Over 37,000 People's Data at California Colleges
Names, Social Security numbers and birthdates were exposed, along with a variety of other information.
Hackers Breach Domino's Pizza, Demand Ransom
The hackers claim to have stolen more than half a million customers' names, addresses, phone numbers, email addresses and passwords.
ATT Customer Info Exposed by Third Party Data Breach
An undisclosed number of customers' Social Security numbers and birthdates were accessed.
How to Avoid FIFA World Cup Cyber Threats
From phishing scams to mobile malware, there's a lot to watch out for if you're a soccer fan these days.
FAA Orders Boeing to Protect Airplanes from Cyber Attacks
Proposed special conditions require Boeing to 'ensure that the airplanes' electronic systems are protected from access by unauthorized sources.'
ICS-CERT Warns of Highway Sign Security Vulnerability
Daktronics' configuration software comes with a default password that's too often left unchanged.
Stolen USB Drive Exposes 33,702 Calif. Patients' Data
Patients' names, genders, medical record numbers, birthdates and dates and times of service may have been exposed.
HP Atalla Tackles Encryption in the Post-Snowden Era
The need for encryption now is greater than ever.
TweetDeck Briefly Shuts Down in Response to Security Flaw
The service was shut down for an hour as TweetDeck fixed an XSS vulnerability.
Evernote, Feedly Hit by DDoS Attacks
The attackers who hit Feedly demanded money to make the attacks stop.
P.F. Chang's Suffers Credit Card Breach
Thousands of new credit and debit cards, all of which were recently used at P.F. Chang's locations, are being offered for sale online.
Leader of Identity Theft Ring Gets 10 Years in Prison
Jennifer Robinson was sentenced to 121 months in prison for her involvement in the filing of fraudulent tax returns using stolen patient data.
U.S. Forces Korea Hacked
More than 16,000 employees' and job applicants' names, identification numbers, contact details, education and work experience may have been accessed.
Mailroom Employee Exposes 3,675 Highmark Members' Data
The affected members' names, addresses, birthdates, medical information and member identification numbers were sent to other members by mistake.
U.K. Considers Life Sentences for Hackers
The sentence could be applied to hackers who cause loss of life, serious illness or injury, or serious damage to national security.
Placemark Investments Acknowledges Data Breach
An undisclosed number of clients' names, addresses, birthdates and Social Security numbers may have been exposed.
Rouge Valley Hospital Insider Breach Affects 8,300 Patients
The patients' personal information was sold to private companies marketing Registered Education Savings Plans.
Global Cost of Cybercrime Exceeds $400 Billion
According to the CSIS and McAfee, cybercrime could be costing the U.S. as many as 200,000 jobs.
Hacker Guccifer Jailed
Marcel Lazar Lehel was sentenced by a Romanian court to four years in prison.
Hacker Fined $8,000 for Government Cyber Attack
Delson Moo Hiang Kng placed an offensive image on the website of the president of Singapore's official residence.
The Link between Windows XP Users and Spam Volume
Second quarter IBM X-Force Threat Intelligence report finds an uptick in spam volume.
Walgreens Acknowledges Insider Breach
An undisclosed number of customers' names, birthdates and Social Security numbers may have been stolen by a former employee.
- Latest
- Dec 2014
- Nov 2014
- Oct 2014
- Sep 2014
- Aug 2014
- Jul 2014
- Jun 2014
- May 2014
- Apr 2014
- Mar 2014
- Feb 2014
- Jan 2014
- Dec 2013
- Nov 2013
- Oct 2013
- Sep 2013
- Aug 2013
- Jul 2013
- Jun 2013
- May 2013
- Apr 2013
- Mar 2013
- Feb 2013
- Jan 2013
- Dec 2012
- Nov 2012
- Oct 2012
- Sep 2012
- Aug 2012
- Jul 2012
- Jun 2012
- May 2012
- Apr 2012
- Mar 2012
- Feb 2012
- Jan 2012
- Dec 2011
- Nov 2011
- Oct 2011
- Sep 2011
- Aug 2011
- Jul 2011
- Jun 2011
- May 2011
- Apr 2011
- Mar 2011
- Feb 2011
- Jan 2011
- Dec 2010
- Nov 2010
- Oct 2010
- Sep 2010
- Aug 2010
- Jul 2010
- Jun 2010
- May 2010
- Apr 2010
- Mar 2010
- Feb 2010
- Jan 2010
- Dec 2009
- Nov 2009
- Oct 2009
- Sep 2009
- Aug 2009
- Jul 2009
- Jun 2009
- May 2009
- Apr 2009
- Mar 2009
- Feb 2009
- Jan 2009
- Dec 2008
- Nov 2008
- Oct 2008
- Sep 2008
- Aug 2008
- Jul 2008
- Jun 2008
- May 2008
- Mar 2008
- Nov 2007
- Oct 2007
- May 2006
- Apr 2006
- Mar 2006
- Nov 2005
- Oct 2005
- Sep 2005
- Aug 2005
- Jul 2005
- Jun 2005
- May 2005
- Apr 2005
- Mar 2005
- Feb 2005
- Jan 2005
- Dec 2004
- Nov 2004
- May 2004
- Apr 2004
- Mar 2004
- Feb 2004
- Jan 2004
- Dec 2003
- Nov 2003
- Oct 2003
- Sep 2003
- Aug 2003
- Jul 2003
- Jun 2003
- May 2003
- Apr 2003
- Mar 2003
- Feb 2003
- Jan 2003
- Dec 2002
- Nov 2002
- Oct 2002
- Sep 2002
- Aug 2002
- Jul 2002
- Jun 2002
- May 2002
- Apr 2002
- Mar 2002
- Feb 2002
- Jan 2002
- What are the top Android security apps?
- What are the top Android security risks?
- What are today's top cyber threats?
- What's the most secure way to delete data?
- How does hard drive encryption work?
- Is old software inherently insecure?
- Are Macs immune to malware?
- How can BYOD risk be managed?
- Which web browser is the most secure?
- How do I protect my iOS device?
- What are the top iPhone security apps?
- How do I secure my wireless network?
- Are public Wi-Fi hotspots safe?