A data breach notification service bought what appear to be 117 million username and poorly hashed passwords obtained via the 2012 breach of LinkedIn. That's a far cry from the 6.5 million stolen passwords that initially came to light.
A judge has declined to share details of a flaw exploited by the FBI - either in the Firefox browser or modified Tor version - during the course of a large child pornography investigation, saying Mozilla should deal directly with the U.S. government.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
The U.S. Supreme Court this week sided with data aggregator Spokeo in a case dealing with when consumers can sue for privacy violations. The high court remanded the case to the Ninth Circuit Court of Appeals to examine the issue of whether the plaintiff was harmed when Spokeo published incorrect information about him.
Tavis Ormandy of Google's Project Zero found he could hack Symantec's security products with a single email. The flaw has been fixed, but the finding is a reminder that flaws in anti-virus software can leave users at serious risk from hackers.
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
Apple has removed from its App Store a $0.99 security tool developed by well-known researcher Stefan Esser that he says could quickly detect if an iPhone may have been hacked. What is the back-story behind this move?
Vietnam's TPBank says it successfully foiled more than $1 million in fraudulent transfer requests apparently initiated by the same hackers who targeted Bangladesh Bank and other SWIFT-using institutions with PDF reader malware.
The FFIEC has released detailed security guidance for mobile banking and payments that its examiners will now use in their assessments of financial institutions. Banking security experts offer a critique.
The Commercial Bank of Ceylon has apparently been hacked, and its data has been dumped online by the Bozkurtlar hacking group that has leaked data from seven other banks in the Middle East and South Asia since April 26.
Law enforcement agencies have scored some notable botnet-busting successes, disrupting malicious infrastructure and arresting botnet-using gangs. But cybercriminals are adapting, one top EU cybercrime investigator warns.
Mozilla wants the U.S. government to provide it with information about a possible unpatched vulnerability in its Firefox browser, which was used by the FBI as part of a large child pornography investigation.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.
There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Amidst finger-pointing over responsibility for the $81 million online theft from Bangladesh Bank, SWIFT has issued its first-ever information security guidance to banks, telling them that they're responsible for securing their own systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.