Data Protection

Data Protection news, analysis, research, how-to, opinion, and video.

serverskulls header

hoax

How to figure out if a data breach is a hoax

Deloitte has published ways to figure out if an organization has really been breached

currentc logo

Apple Pay rival CurrentC suffers pre-launch compromise

Merchant Customer Exchange (MCX) says that CurrentC, a mobile payment offering backed by giant retailers like Wal-Mart, Best Buy, Old Navy, Target, CVS, and more, has been compromised.

control room

Attack campaign infects industrial control systems with BlackEnergy malware

Customers of three SCADA human-machine interface products from different vendors were potentially affected, ICS-CERT said

white house

Hackers target unclassified White House network

The hackers are said to be working for the Russian government, according to a news report

california flag

California reports huge jump in data breaches

Annual report says records equivalent to almost half the state's residents were lost in 2013

White House officials confirm breach on unclassified network

A White House official, speaking on the condition of anonymity, said that suspicious activity has been identified on the Executive Office of the President (EOP) network. The official, speaking to Reuters, said that mitigation efforts...

cleanup

Security vendor coalition cleans 43,000 malware infections used for cyberespionage

The removed tools were used by a prolific Chinese cyberespioange group dubbed Axiom.

serverskulls header

Shellshock attacks against MTAs could leave SMBs exposed

Small businesses have that name for a reason. They're small, so they don't have the ability to manage risk the same way a large enterprise does. In some regards, a small business is more agile and can adjust change faster, but when it...

6ways title

6 ways to stop criminal attackers in their tracks

Criminals always seem to be two steps ahead. Here are some methods to close that gap.

Waitress

'ScanBox' keylogger targets Uyghurs, US think tank, hospitality industry

The JavaScript-based attack doesn't put malware on a computer's disk

spying

Clues point to Russia in long-running spying campaign

'APT28' has predominantly focused on targets of interest to Russia, FireEye said

stephen orfei

Incoming PCI council head ready to take on the hackers

Stephen W. Orfei brings decades of experience in payment technology to his new role as general manager of the PCI Security Standards Council. Here he talks with CSO about his goals, the modern threat landscape and what it will take to...

guitar strings

Vulnerability in widely used 'strings' utility could spell trouble for malware analysts

Extracting text strings from binary files is not as safe as most people think, a security researcher found.

shellshock
In Depth

Report: Criminals use Shellshock against mail servers to build botnet

Targeting message transfer agents (MTAs), mail delivery agents (MDAs), and spam filters, criminals are using Shellshock as a means to create botnets. The process is slow, but working, thanks to a variety of server software that...

Tor Project flags Russian 'exit node' server for delivering malware

The server used a technique to append malware to legitimate code

Disaster as CryptoWall encrypts US firm's entire server installation

Paying ransom was quicker than backups

outlook attack

Cyberespionage group launches sophisticated phishing attacks against Outlook Web App users

The group targeted military agencies, embassies, defense contractors and media organizations, researchers from Trend Micro said

credit card swipe

The 'Backoff' malware linked to data breaches is spreading

A rising number of devices are connecting to Backoff-related infrastructure, Damballa says

Load More