Security experts warn about a trio of new threats: GreenDispenser cash-out malware, the Shifu banking Trojan being spread via malvertising attacks and Neutrino crimeware getting an upgrade to steal payment-card data.
Federal auditors say a data repository used for data analysis and reporting for the Affordable Care Act, better known as Obamacare, had numerous data security shortcomings that have since been addressed. Security experts say the problems cited are common to many organizations.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.
A former wealth management adviser at Morgan Stanley pleaded guilty this week to stealing confidential client information. Some fraud-prevention experts say the investment banking firm could have taken steps to detect the suspicious insider activity sooner.
Responding to U.S. government criticism of China over its persistent online economic espionage campaigns, Chinese President Xi Jinping says that the Chinese government does not hack other nations, or support Chinese companies that do so, and calls for those responsible for cyberattacks to be prosecuted.
Apple is moving to contain an outbreak of malicious apps being distributed via its official App Store that were infected with XcodeGhost malware. Hundreds of apps and millions of users were reportedly infected.
A second Russian has pleaded guilty in connection with the largest U.S. hacking scheme, which compromised more than 160 million payment card numbers. But three other alleged conspirators have yet to be arrested.
A Russian hacker who was extradited to the United States earlier this year has admitted his role in the largest hack attack in U.S. history, which resulted in the theft of 160 million payment card numbers. Find out how much time he could spend in prison under his plea agreement.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
A password-cracking group claims that, because of coding errors made by Ashley Madison's developers, it has been able to recover 11.2 million users' plaintext passwords. The group believes that up to 15 million of the dating site's passwords can be easily cracked.
Yet another health insurer - Excellus BlueCross BlueShield - has belatedly discovered that its systems were hacked. The breach potentially exposed information on 10.5 million individuals, was discovered in August, but appears to have begun in 2013.
A Latvian hacker's guilty plea for the role he played in enhancing the Gozi Trojan, and reports of other new malware-related arrests, are promising developments in the international fight against cybercrime. Security experts, including Gartner's Avivah Litan, weigh in on the long-term impact.