News

fail stamp
13 communicate security strategy threat education

stealing a password

Researchers find over 40,000 stolen logins for government portals

A phishing operation led to the theft of more than 40,000 login credentials for government services in 30 countries.

Hacking stealing password data

Attacking from inside, cyber crooks rake in millions from banks

Crooks stole tens of millions of dollars from banks with hacks involving hidden devices and direct connections to local networks.

binary code matrix broken / breached / failed / hacked / security risk / threat / vulnerability

Hackers get into National Republican Congressional Committee's email system

The National Republican Congressional Committee's email system was hacked leading up to midterm elections.

security trust

What is digital trust? How CSOs can help drive business

Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.

eye binary retina scanner security identity access management

Microsoft, Mastercard propose universal digital identity program

Microsoft and Mastercard say the “single, reusable digital identity” could solve identity verification issues and help with fraud prevention.

marriott breach

US senator proposes jailing execs, fining companies for data breaches

Following the Marriott breach, a U.S. senator proposes jailing senior company executives and levying multi-billion-dollar fines for data breaches.

jobs collaboration careers network

Security executives on the move and in the news

Find up-to-date news of CSO, CISO and other senior security executive appointments.

fbi badge gun

Ad fraud botnet 3ve shut down after infecting 1.7 million PCs

An enormous ad fraud botnet, 3ve, was shut down after 1.7 million PCs were infected to falsify 12 billion ads per day.

phishing hacker binary keyboard privacy security breach

Hacker adds malicious bitcoin-stealing code to popular JavaScript library

An NPM package with 2 million weekly downloads had malicious code injected into it. Plus, more problems arise from the Windows 10 October 2018 Update.

amazon sign

Amazon 'technical error' exposes undisclosed number of customer names and emails

Amazon isn't saying how many customers had their names and email addresses exposed due to a data leak caused by an unexplained technical error.

certificate

Google makes good on promise to remove some Symantec PKI certificates

If you get this digital certificate error using Chrome, then Google now considers that website's Symantec PKI certificate untrustworthy.

spearfishing trap

Russian Cozy Bear APT 29 hackers may be impersonating State Department

Russian Cozy Bear hackers may be impersonating the U.S. State Department in a large, new spear-phishing campaign, plus other cybersecurity news.

windows bug

Microsoft covertly collects personal data from enterprise Office ProPlus users

Experts raised privacy concerns when a data protection impact assessment found Microsoft covertly collects personal data from users of the enterprise version of Office ProPlus.

networking background

Possible BGP hijacking takes Google down

Google went down Monday as a border gate protocol (BGP) issue rerouted traffic to China, Russia, and Nigeria.

group of hackers in digital environment

Cylance researchers discover powerful new nation-state APT

A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

hacker

Cyber criminals abuse US Postal Service Informed Delivery for ID theft

Criminals are abusing the US Postal Service's Informed Delivery for ID theft and fraud. Meanwhile, vulnerabilities were found in Oracle's VirtualBox, WordPress and Adobe ColdFusion servers.

deepfakes fake news unreal doctored malicious personal attack video audio

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous

White House promotion of an allegedly doctored press conference video shows how "shallow fakes" can manipulate opinion.

hovering drone / camera / propellor blades

Critical authentication flaw in DJI drone web app fixed

Check Point researcher finds vulnerability that could have allowed attackers to spy on drone fleets in real time.

Load More