The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Italian surveillance software maker Hacking Team has confirmed that it was hacked and recommends police, law enforcement and government agencies suspend their use of its software, pending a full breach investigation.
Security researchers warn of "Xara" flaws in Apple iOS and OS X that could be used to intercept passwords and banking data, as well as a keyboard app that puts more than 600 million Samsung device users at risk.
While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches into place, according to several information security experts. Learn the key issues, and how organizations must respond
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
Apple's forthcoming iOS 8 includes a number of useful new security and privacy features, says Symantec threat researcher Candid Wueest. But there are missing features he'd still like to see implemented.
Within one day of the disclosure of the flaw known as Heartbleed, an attacker posing as an authorized user broke into a corporate computer system, exploiting the vulnerability in the OpenSSL protocol, the breach detection firm Mandiant says.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
To help agencies secure their wireless networks and technologies, the Government Accountability Office came up with eight leading practices. For now, GAO says, wireless networks remain at an increased vulnerability to attack.