Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
The mastermind behind Liberty Reserve, a global financing operation allegedly used by cybercriminals to launder funds from illicit proceeds, has finally been extradited to the U.S. after his arrest in Spain more than a year ago.
Alleged Russian hacker Roman Valerevich Seleznev, arrested earlier this year, is facing 11 additional charges tied to the theft of credit card information for later sale on underground "carding" websites.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Malware-wielding attackers have compromised 800,000 online banking credentials, mainly for customers of the five largest U.S. financial services firms, a new study warns. But they may also be preparing for APT attacks against financial institutions.
Citigroup, E*Trade, Regions Financial, Fidelity Investments, HSBC, Bank of the West and ADP are now believed to have been probed by the same hackers that targeted Chase, according to news reports. But so far, none of those firms believes data was compromised.
As the IT security workforce reaches a record high in the United States, what does that workforce look like? It remains overwhelmingly white and male. Here's an explanation of the latest employment statistics.
Criminals have infected at least 50 ATMs in Eastern Europe, including Russia, with malware, dispensing millions of dollars in cash directly to money mules. Interpol warns such attacks could spread worldwide.
Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.
An important lesson to learn from the massive JPMorgan Chase breach is that banks can't just focus on protecting card data and online banking accounts; they also must protect their customers' personally identifiable information.