- Botnet snatches 2 million logins for Facebook, ADP payroll processor and other sites
- Hacker-built drone can hunt, hijack other drones
- Malware still running rings around security tools, eThreatz testing finds
- 2 million stolen login credentials discovered for Facebook, Google, LinkedIn, Twitter, other sites
- Conventional insurance may not cover cyber security breaches: Centre for Internet Safety
Thirteen people, including the creator of Blackhole, a popular exploit tool used to infect computers with malware, were arrested and charged in Russia with creating and participating in a criminal organization.
Explosive revelations in the past six months about the U.S. government's massive cyber-spying activities have spooked individuals, rankled politicians and enraged privacy watchdogs, but top IT executives aren't panicking -- yet.
A security researcher has released software and technical instructions for modifying a drone so that it can identify and hijack other drones.
In a development likely to concern those who believe that a system that's not connected to a network is safe from surveillance, researchers have demonstrated that microphones and speakers built into laptops can be used to covertly transmit and receive data through inaudible audio signals
Attackers are exploiting a new and unpatched vulnerability in Windows XP and Windows Server 2003 that allows them to execute code with higher privileges than they have access to.
In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.
Police in Austin, Texas, set up sting operations with cars they have under surveillance, watching for thieves to break into them. Marcus J. Carey's Web service, HoneyDocs -- born in the same city -- uses the same concept, only with computer files.
It's a common belief in the information security world that the Chinese government is behind many of the advanced persistent threats that target companies around the world in an effort to steal their IP and trade secrets. Now one security firm has come forward with years of evidence to link a prolific APT group to a unit inside the Chinese government.
Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet
Last week Gen. David Petraeus, the director of the Central Intelligence Agency, resigned in response to what has turned out to be a much bigger scandal than it first appeared.
Sign up now »
Advanced protection for physical, virtual and cloud servers
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.