Spammers wielding Locky ransomware have a new trick up their sleeves: the ability to infect PCs via malicious Microsoft Word documents that use the Dynamic Data Exchange application-linking feature built into Windows to push ransomware onto victims' systems.
The FBI is asking all U.S. victims of DDoS attacks to please come forward. The bureau's plea for more information from cyberattack victims parallels similar requests made this week by British authorities speaking at ISMG's Fraud and Breach Prevention Summit in London.
Despite new guidance issued earlier this year, insurance companies in India are still falling short of meeting security standards, according to a notification from the Insurance Regulatory and Development Authority of India. Some security experts say one of the key challenges is finding a CISO.
Researchers say they've identified faulty cryptographic code in microchips made since 2012 by Infineon Technologies, posing risks to government-issued smartcards, consumer laptops, authentication tokens and more.
Can U.S. law enforcement use a warrant to seize emails stored outside the U.S. by a cloud services provider? That's the question the Supreme Court has agreed to consider next year. Microsoft continues to fight an order to turn over emails stored in an Irish data center.
MeitY has announced it will give preferential treatment to locally developed security solutions for use throughout the government at the center and state levels. Private sector security practitioners weigh in on whether it's practical for them to make a similar shift.
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
Security researchers have discovered websites run by credit bureaus Equifax and TransUnion were both affected by dodgy code that redirected users to adware and malware. Both issues are fixed, but the situations beg questions about how closely the companies monitor their online security.
For the second time in two years, Hyatt Hotels suffered a payment card data breach after attackers infected payment card processing systems with malware. The latest breach lasted for over three months and affected 41 Hyatt hotels across 11 countries.
It's a tale that reads stranger than fiction, a true Tom Clancy-ish yarn: Israeli spies hacked Kaspersky Lab, discovering that Russia has been using the company's pervasive anti-virus software to spy on U.S. spies. Will Kaspersky Lab survive?
A hacker exploited an unpatched, 12-month-old flaw in a small Australian defense contractor's IT help desk and stole data for the country's F-35 Joint Strike Fighter program, among other secrets, the Australian government has warned.
North Korea's leaders apparently blew a gasket over "The Interview," a comedy film that centered on an assassination plot against North Korea's leader. So how might the country have reacted to U.S.-South Korean "decapitation strike" plans reportedly stole last year by Pyongyang-affiliated hackers?
Credit-reporting agency Equifax now says records exposed in the massive data breach it revealed last month included information relating to 15.2 million U.K. residents - a much higher figure than the business first suggested.
The Dark Overlord, a hacking group that hijacks data from businesses and holds it for ransom, is now threatening school districts. The apparent intent isn't to get ransoms from schools per se, but to create a fear campaign designed to scare big businesses into paying the group's ransoms.
The growing use of mobile devices is changing the security landscape, and protection must extend to the device, the application, the connection channel and the network entry point, says Bimal Gandhi, CEO at Uniken Inc.