A trojanized version of the open source SSH software tool called PuTTY is being used to gain remote access to computers and steal confidential information, warned Symantec researcher Dumitru Stama in a blog post.
Brandon Bourret and Athanasios Andrianakis were arrested last week for creating the Photofucket tool to hack into accounts at Photobucket, a firm that operates an image and video hosting website, the U.S. Department of Justice announced.
If I might use a boxing analogy, cybercriminals are "jabbing" companies with short-duration DDoS attacks to distract them from the right-cross of a major data breach.
While much of the media coverage about data breaches focus on attacks by outside elements, many of the less publicized cases of data theft results from malicious insider actions. PwC recommends a phased approach that involves all departments in a company to prevent those insider attacks.
Cybercriminals are stealing source code for algorithms that hedge funds and high-frequency traders depend for their proprietary trading models, the Financial Times reported.
While high-tech cyberattacks using sophisticated malware and deceptive techniques are much in the news, companies can also lose valuable data from someone walking by a desk or looking at a computer screen.
The Department of Justice has charged Russian national Vladimir Drinkman for his alleged role in the largest international hacking and data breach scheme ever prosecuted in the United States.
Many IT security pros are worried that their company's website is the soft underbelly of their security armor. Websites are often developed and deployed hastily to meet a pressing market need with little thought to security.
The issuing of fake digital certificates, such as the ones issued by in-flight Wi-Fi provider Gogo to prevent users from visiting YouTube, can undermine security and lead to man in the middle attacks in which attackers are able to intercept internet traffic.
Electronic payments processor Charge Anywhere admitted this week that malware on its networks could have exposed credit card data from transactions over a five-year period.