OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
DDoS Attacks Create Smokescreens for Larceny
October 7, 2015
DDoS attacks have evolved from protest tool to criminal weapon. More than one in three DDoS attacks are used to plant malware or a virus on company systems, and 40 percent of them result in data theft, according to NeuStar's semiannual DDoS attack and protection report. "Until two years ago, DDoS attacks were really seen as just a disruption and annoyance tool," said NeuStar's Joe Loveless.
The Sluggish Crawl to Chip-Secured Shopping
October 5, 2015
For retailers that do not yet accept EMV cards -- credit and debit cards with chips embedded in them -- a spine-tingling deadline arrived last week. Liability for any payment fraud that results from acceptance of old-school plastic shifted to them. The magnetic chips in EMV cards will reduce in-store payment fraud, which affected 62 percent of companies, according to a recent survey.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
Two Risky Strategies Could Threaten Apple's Long-Term Survival
September 28, 2015
One of the ironies of my career is that when I first went to work for a tech company, I specifically wanted to work for a firm that was breaking the mold -- not representative of it. So, in my initial interview, I was concerned that IBM was going to buy the firm because it was the mold at that time. I was promised that there was a contract that said it couldn't. Then, six months later, it did.
OPM's Latest Bad News: 5.6 Million Fingerprints Lifted
September 25, 2015
The Office of Personnel Management on Wednesday revealed that the hackers who penetrated its records system stole 5.6 million fingerprints of federal employees -- five times the 1.1 million originally reported. The cyberattack, which came to light this spring, compromised the Social Security numbers and other sensitive information of 21.5 million people.
What Goes Around Comes Around: Russia Gets Hacked
September 23, 2015
Russia has been a prime suspect in recent cyberattacks against U.S. government targets. However, Russia has been poked with the other end of the hacker stick. For more than two months, hacker attacks originating in China have bedeviled Russia's military and telecom sectors, Proofpoint researchers have revealed. Russian-speaking analysts working at global financial firms also have been attacked.
Feds Award $500M Credit-Monitoring Contract Following OPM Breach
September 23, 2015
The U.S. government spends millions of dollars on IT systems designed to prevent cybersecurity attacks, but they still occur. Government agencies are hopeful that the learning curve will improve dramatically, and breaches will be reduced. In the meantime, what happens to people affected by a breach after an attack succeeds? This year, the OPM was hit with one of the biggest hack attacks ever.
Will the IoT Be Held for Ransom?
September 17, 2015
A perfect cybercrime storm is brewing, and two of the main ingredients are ransomware and the Internet of Things. Cybercrime has become an industry with all the operational trappings of any legitimate sector, McAfee Labs noted earlier this month. It has its own supply chain, market segments, service providers, and finance and trading systems. It has its own business models.
IoT Can Open Doors to Cybercriminals, FBI Warns
September 16, 2015
The FBI has warned businesses and consumers to be careful when deploying devices that connect to the Internet of Things. As more companies and consumers use IoT devices to improve efficiency and convenience, their connection to the Internet creates opportunities for cybercriminals, the FBI said. The "Internet of Things" is a broad term that encompasses myriad devices that connect via cyberspace.
Hackers Home in on Health, Education, Government Sectors
September 16, 2015
A New York healthcare provider, California's higher education system and the Department of Energy have become the latest targets of data bandits. The latest massive data breach at a healthcare provider reportedly took place at Excellus BlueCross BlueShield, which last week revealed that the personal data of more than 10 million people was at risk due to an attack that dates back to December 2013.
Netflix Move Prompts Premature Antivirus Software Obit
September 11, 2015
Netflix reportedly is in the process of dumping its antivirus software and placing all its faith in an alternative solution to protect its more than 60 million subscribers from online nastiness, a move that prompted one pundit to pronounce the death of antivirus software yet again. Such dire pronouncements have been made for years, and they're likely to be made for many years to come.
KeyRaider Malware Busts iPhone Jailbreakers
September 3, 2015
Data-robbing malicious software dubbed "KeyRaider" has stolen more than 225,000 valid Apple accounts and thousands of certificates, private keys and purchasing receipts, Palo Alto Networks' Unit 42 reported last week. The firm identified the malware in cooperation with WeipTech, which found the accounts on a server while it was analyzing suspicious user-reported iOS tweaks.
Baby Monitors Riddled With Security Holes
September 2, 2015
Rapid7 has released a report on an assortment of new vulnerabilities found in baby monitors: predictable information leaks; backdoor credentials; reflective, stored XSS; direct browsing; authentication bypass; and privilege escalation. "Many of the issues would allow video and audio from the device to be viewed by an attacker," said Mark Stanislav, senior security consultant at Rapid7.
Shadow IT Feeds 'Man in the Cloud' Attacks
August 27, 2015
Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.
Malvertising Headache Swells to Migraine Proportions
August 26, 2015
Online advertising that pushes malicious software to consumers has increased 325 percent over the past year, Cyphort Labs reported Tuesday. Malvertising is adding to what is already a significant problem for online advertisers. Ad fraud will cost global advertisers more than $6 billion this year, according to the Association of National Advertisers.
Cyber-Posse Aims to Round Up Ashley Madison Hackers
August 25, 2015
The Toronto Police Service on Monday reported on the progress of Project Unicorn, the official investigation into the hack attack on Ashley Madison, an adultery-promoting website. The Toronto police are working closely with the U.S. Department of Homeland Security, the RCMP, the FBI, and the Ministry of the Attorney General's criminal law office in carrying out the investigation.
Ashley Madison Hackers: Catch Them if You Can
August 20, 2015
The Ashley Madison hacker gang will be tough to apprehend. The hackers this week dumped nearly 10 gigabytes of stolen personal data onto the Web -- details gleaned from accounts established on the site, which is dedicated to matching up people who want to engage in extramarital affairs. It's "nearly impossible" to track down attackers, noted Bit9 + Carbon Black's Ben Johnson.
Study: Chinese Hackers Are Savvy, Surgical
August 13, 2015
A clandestine group of sophisticated Chinese hackers have infected scores of sites on the Web and stolen documents from industrial and government organizations with surgical precision, according to a Dell SecureWorks study released last week. Dubbed "Threat Group 3390," the cybergang has used infected websites of some 100 organizations across the globe.
Feds Break Up Hacker-Powered Insider Trading Ring
August 12, 2015
In two indictments unsealed by the U.S. Department of Justice in Brooklyn, N.Y., and Newark, N.J., nine people were charged in federal court with carrying out an international scheme to hack into three business newswires, steal yet-to-be published press releases, and use them to make trades that generated approximately $30 million in illegal profits.
Chinese Hackers May Have Burrowed Into Airlines
August 11, 2015
The China-based hacking team that has been infiltrating U.S. government and business computer systems appears to be behind two newly discovered attacks -- this time on travel reservation processor Sabre and American Airlines. Sabre confirmed that its systems -- which contain sensitive records on as many as a billion travelers -- recently were breached. American Airlines is investigating.
Mozilla Plugs Dangerous Firefox Zero-Day Hole
August 10, 2015
Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server -- possibly somewhere in Ukraine -- has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version.
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Mobile Device Hijacking Costs Advertisers $1B a Year
July 24, 2015
A type of fraud spreading through the mobile universe could cost advertisers more than $1 billion globally this year, according to a July 2015 study released by Forensiq. The fraud, called "mobile device hijacking," uses installed apps to rapidly load ads that no one sees -- but the fraudsters collect money for the ads as if they had been viewed.

See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS
Do you want to live in an Internet-connected home?
Yes -- I have some smart things, and I want more.
Yes -- I'm looking forward to all the conveniences.
Not sure -- I have security and privacy concerns.
No -- the technology isn't good enough yet.
No -- it's a ridiculous waste of money.
Reap the reward of the holiday shopping buzz