The term advanced persistent threat, or APT, is a misnomer because most APT attacks are anything but advanced, says John Pirc, chief technology officer at security testing firm NSS Labs.
Most major companies have done little to fix vulnerabilities exploited by the Heartbleed bug, according to a study by Venafi Labs.
An international cybercrime ring was behind the breach of the StubHub online ticketing service that resulted in the theft of $1.6 million worth of tickets, according to Manhattan District Attorney Cyrus Vance.
Around 95 percent of Fortune 1000 firms are vulnerable to an Active Directory flaw that could enable an attacker to steal valuable corporate data, according to security firm Aorato.
BYOD programs could make it easier for corporate insiders to steal confidential data and intellectual property warns a report at InsideCounsel.
Once the primary tool of hacktivists bent on disrupting corporate and government websites, distributed denial of service attacks are today being embraced by cybercriminals bent on extortion and distracting firms to steal sensitive data. And not surprisingly, these types of attacks are on the rise.
The Zeus crimeware kit has evolved from stealing banking credentials to targeting major cloud vendors used by Fortune 500 firms, warns Akamai's Prolexic.
As the focus of endpoint breaches will shift from PCs and laptops to tablets and smartphones, three-quarters of mobile security breaches will be the result of a misconfigured mobile app by 2017, predicts Gartner.
HTC produces the three most popular Android smartphones vulnerable to the Heartbleed bug--the HTC Evo, One S and One X--according to data compiled by security firm Lookout from 100,000 Heartbleed Detector users.
The Heartbleed flaw, a hole in the OpenSSL software that enables two-thirds of websites to encrypt data, is also present in millions of Android devices, reports Ars Technica.