The takedown of Gameover Zeus taught law enforcement and banks many lessons, including that Trojans are being used to steal corporate secrets, not just money, says Eward Driehuis of Fox-IT, which investigated the threat actors behind the Trojan.
The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
News that charges were filed last week against two California residents for their alleged roles in the 2011 Michaels crafts stores breach, which involved terminal tampering, is a reminder of how much hackers have improved their techniques in just four years.
The toolbar distributed by Chinese-language search engine Baidu is being targeted by opportunistic attackers and used to exfiltrate corporate secrets, warns Rob Eggebrecht, president and CEO of the security firm InteliSecure.
Attributing the Anthem, OPM and other breaches to specific attackers might be useful for government-level diplomatic efforts. But organizations must prioritize blocking all types of espionage and cybercrime attacks, says Symantec's Vikram Thakur.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Just two weeks after an international, FBI-led operation disrupted the notorious hacking forum Darkode, leading to 70 arrests, a supposed site administrator has claimed the forum will reboot on the "dark Web." But security experts question those claims.
A new security alert from NCR Corp. warns that ATM skimming attacks in the U.S. are on an upswing. And as EMV migration efforts ramp up, experts say banks and credit unions can expect these attacks to continue to increase. But what can be done to mitigate the risk?
Visa's Eduardo Perez says one of the key merchant vulnerabilities his company is most concerned about is weak remote-access controls for point-of-sale systems and devices. He offers risk mitigation advice in this exclusive interview.
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.
A lawsuit filed against information services firm Experian alleges the company failed to detect that a customer of its data aggregator unit was a fraudster. Could stronger customer vetting have prevented misuse of information?
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
The U.S. Department of Justice has charged three men in a fraud scheme reportedly tied to hacks of JPMorgan Chase. Separately, two men are charged with running an unlicensed online bitcoin exchange used by Russian criminals.