US-based SunTrust Bank said it is working with law enforcement after it discovered that a former employee had stolen private information belonging to nearly 1.5 million customers.
This week was mostly small variants released, but we did have some interesting news. First we had a Microsoft engineer facing federal charges for involvement in the Reveton Ransomware, a decryptor released for Vortex, the Magnitude exploit kit is now pushing GandCrab, and a ransomware is trying to make money off of Syrian refugees.
Twitter has banned Kaspersky Lab from advertising on its platform citing the company's alleged ties with Russian intelligence agencies.
An advanced persistent threat (APT), a term sometimes used to describe nation-state-backed cyber-espionage units, is using a zero-day vulnerability in the Internet Explorer kernel code to infect victims with malware.
A botnet made up of servers and smart devices has begun the mass exploitation of a severe Drupal CMS vulnerability and is using already compromised systems to infect new machines, in a worm-like behavior.
Google announced earlier this week plans to enable Safe Browsing support for the Android WebView component, a stripped-down browser that comes with all Android versions.
A new ransomware called RansSIRIA has been discovered by MalwareHunterTeam that encrypts your files and then states it will donate your ransom payments to Syrian refugees. This ransomware is a variant of the WannaPeace ransomware and is targeting Brazilian victims.
A prodigious 18-year-old bug hunter from Chicago has discovered and reported a critical vulnerability in a LinkedIn social button that could have been abused to harvest LinkedIn user information, some of which may not have been public.
The US Food & Drug Administration plans to ask Congress for more funding and regulatory powers to improve its approach towards medical device safety, including on the cybersecurity front.
Hacking the brain of someone with an implanted medical device is not a far-fetched illusion. While at one time a concept relegated to hair-raising Hollywood movies, scientists in Belgium have found that a wireless brain implant, known as a neurostimulator, can be hacked using off-the-shelf materials. By utilizing remote exploitation,
A team of academics has identified an issue with the Zeroicoin protocol scheme, along with two security flaws in libzerocoin, the software library used for building actual cryptocurrencies around protocol.
LocalBlox, a company that scrapes data from public web profiles, has left the details of over 48 million users on a publicly accessible Amazon Web Services (AWS) S3 bucket, according to an UpGuard security researcher who discovered the data on February 28, this year.
Symantec researchers have found a loophole in how iPhone users pair devices with Mac workstations and laptops. They say attackers can exploit this flaw —which they named Trustjacking— to take over devices without the phone owner's knowledge.
When ransomware developers achieve huge media buzz like we saw with the PUBG Ransomware, it is not surprising to see other developers creating copycats. This is the case with two new in-development ransomware programs, if we can even call them that, for both Minecraft and Counter-Strike: Global Offensive (CS: GO).
Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's —and inherently Edge's— anti-phishing technology to Google Chrome.
Security researchers have spotted a new information stealer that collects Chrome login data from infected victims, along with session cookies, and appears to be looking for Facebook details in particular, according to a Radware threat alert.
Google has moved Chrome 66 to the stable channel and starting earlier today has begun updating users to the browser's new major version — Chrome 66.0.3359.117.
Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw.
While nobody likes a cheater in online games, sometimes how a company monitors and bans cheaters can go wrong. Such is the case with a recent ban fest unleashed by ArenaNet for their Guild Wars 2 game, which used a program that monitored all processes running on a computer for blacklisted programs.