More than 4,200 websites, some belonging to the U.S., U.K. and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware.
Do healthcare entities face a growing risk of being hit with cryptocurrency mining attacks, which have become more common in other sectors? A Tennessee hospital may be the first victim in the sector, and some security experts predict many more such incidents.
The U.S. Department of Justice, in one of its biggest-ever cybercrime disruptions, shuttered the Infraud Organization, an online forum prosecutors tied to $530 million in losses. Thirteen suspects - in Australia, France, Italy, Kosovo, Serbia, the U.K. and the U.S. - have been arrested.
Uber CISO John Flynn tells a U.S. Senate subcommittee that the company should have told the public sooner about its 2016 data breach. He says the company's attempt to position its $100,000 payoff to hackers as a bug bounty was not appropriate.
A malware incident at Partners HealthCare that was detected last spring but was only recently determined to have exposed patient data illustrates that confirming a data breach through a forensics investigation can be difficult and time-consuming.
A hacking team dubbed "Group 123" with apparent ties to the government of North Korea has been exploiting a zero-day vulnerability in the Flash browser plug-in, likely to hack high-value targets. Adobe has released an emergency Flash update with security fixes. Or organizations could simply stop using Flash.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
The Department of Justice has charged two men, arrested in Connecticut near the scene of a jackpotting attack against a drive-up ATM, with bank fraud stemming from a malware attack. Police say they recovered $9,000 in $20 bills, as well a black box and other equipment from the suspects' car.
Apple and Cisco say they've partnered with insurers Aon and Allianz to offer cyber insurance policies for organizations that meet best security practices and use products from the technology companies. The partnership follows increasing interest in cyber insurance as a hedge against hacking risks.
Russian citizen Peter Levashov, arrested last year while vacationing in Spain, appeared Friday in U.S. federal court to face charges that he owned and operated the Kelihos botnet and distributed spam, banking Trojans and ransomware for profit. Levashov has pleaded not guilty.
Lauri Love, a British man accused of 2012 and 2013 hack attacks against U.S. government computers - including systems operated by the Federal Reserve, U.S. Army and NASA - has won his legal bid to quash a U.S. extradition request. But he still faces a potential trial in England.
The booming interest and sometimes surging values of cryptocurrencies are drawing the interest of cybercriminals on a scale never seen before - including attacks aimed at trying to steal computing power to mine cryptocurrency.
In a budget speech, India's finance minister announced the launch of a "cyberspace mission" and an effort to promote the use of several new technologies, including blockchain, to bolster the nation's data security. Security experts offer mixed reviews of the announcements.
The number of data breaches reported by U.S. organizations reached an all-time high last year. In 2017, organizations that described how bad their breach was - and one-third did not - collectively lost 14 million payment cards and 158 million Social Security numbers, according to the Identity Theft Resource Center.
Fitness app and website developer Strava has landed in hot water after publishing a global heat map that shows users' workout routes in aggregate. By doing so, the firm has inadvertently revealed military installation layouts and other sensitive information.