The World Cup is still four months away, but attackers already are ramping up their efforts to defraud fans. As with most major events, such as the Super Bowl, the Olympics and others, attackers are using fans’ enthusiasm for the event as a lure to separate them from their money. When a major event like[...]
DailyMotion, one of the most popular websites on the Web, is still serving fake AV malware three weeks after it was notified of a compromise.
The OpenBSD Project pushed out a new build of the security suite OpenSSH this week, adding a new private key format, a new transport cipher and fixing 15 bugs in the Secure Shell.
A criminal campaign using the Tor-based Chewbacca Trojan, which includes memory-scraping malware and a keylogger, is responsible for the theft of more than 49,000 credit card numbers in 10 countries.
Yahoo officials said Thursday that they have reset the passwords on an unspecified number of mail accounts after detecting what they call a “coordinated effort to gain unauthorized access to Yahoo Mail accounts.”
The Wikimedia Foundation patched a critical remote code execution vulnerability in its MediaWiki software used to power wiki and collaboration sites on the Internet, including Wikipedia.
Proof-of-concept mobile malware logs keystrokes and captures screen-grabs on jailbroken iOS and Android devices in order to steal online log-in credentials and other sensitive information from targeted devices.
Bug bounty programs are springing up in more and more places every day, and the latest site to join the list is GitHub.
The attackers behind the Target data breach may have used hardcoded default credentials in system management software move laterally on the retailer’s network and exfiltrate stolen payment card data.
There are two vulnerabilities in some of Oracle’s older database packages that allow an attacker to access a remote server without a password and even view the server’s filesystem and dump arbitrary files.