Cybercrime & Hacking

Cybercrime & hacking news, trends, analysis and practical advice

data breach thinkstock
Phishing for passwords.

Email

Facebook, Yahoo prevent use of recycled email addresses to hijack accounts

A new mechanism helps email servers determine if a message was intended for a recycled account's previous owner

Akamai sees record-setting spikes in DDoS attacks

The size and volume of DDoS attack exploded in the past year, with a 389% increase in average attack bandwidth between the third quarter of 2013 and the third quarter of 2014, according to Akamai Technologies.

Abandoned subdomains pose a security risk for businesses

Many companies that set up subdomains for use with external services, but then stop using those services, could be leaving open a loophole attackers can exploit.

cybersecurity lock touch worker man

Microsoft misses Windows bug, hackers slip past patch

Microsoft patched one bug in Windows last week, but missed another that hackers continue to exploit.

ddos symantec

Symantec sees rise in high-traffic DDoS attacks

A type of distributed denial-of-service attack, DNS amplification, has risen sharply, according to new research from Symantec.

Insider Threats – how they affect US companies

Insider Threats – how they affect US companies

In the second post of the Insider Threat series, we looked at basic definitions of insider threat incidents and their impact on organizations. Now we will have a closer look at how malicious insider threat actions affect companies in...

Binary data cloud.

China attacks push Apple to warn users of iCloud threats

Apple warned users about attacks on its iCloud website, after monitoring groups said China tried to intercept customer information from the service.

Exclamation point on screen.

Microsoft warns of Windows zero-day; hackers serve exploits in PowerPoint files

Microsoft warned users Tuesday that cyber criminals are exploiting a zero-day flaw using malicious PowerPoint documents sent as email attachments.

fido alliance u2f usb authentication oct 2014

Google extends two-factor authentication with physical USB keys

Google is letting users protect their accounts against password compromises by adding support for two-factor authentication based on physical USB keys.

staples store

Staples confirms data breach investigation

Investigative journalist Brian Krebs reported that multiple banking sources were seeing a pattern of credit and debit card fraud. The common thread between each case were purchases made at Staples Inc. stores in the Northeastern U.S.

Man-in-the-middle attack on Chinese iCloud users

Chinese Big Brother launches nationwide attack on iCloud

Since the iPhone 6 launched in China, Chinese authorities have been staging a man-in-the-middle attack, via a self-signed digital certificate, so when Chinese users connect to iCloud.com, they are instead redirected to a spoofed...

Researcher creates proof-of-concept worm for network-attached storage devices

Network-attached storage (NAS) devices are riddled with vulnerabilities that can put the security of sensitive data and networks at risk, a researcher has found. To prove his point, he has created a proof-of-concept worm that can...

dropbox phishing

Dropbox used for convincing phishing attack

Dropbox's file storage service was used for a tricky phishing attack, although the service was quick to shut down it down, according to Symantec.

Invincea screenshot

Hackers strike defense companies through real-time ad bidding

Hackers have embraced a major change in how online ads are sold and are now using advanced ad-targeting capabilities to precisely deliver malware.

Encryption

FBI director calls for greater police access to communications

Apple and Google should reconsider plans to enable encryption by default on their smartphones, and the U.S. Congress should pass a law requiring that all communication tools allow police access to user data, FBI Director James Comey...

All-in-one printers can be used to control air-gapped systems

Isolating computers from the Internet, which is known as "air gapping," is considered one of the best ways to defend critical systems and their sensitive data from cyberattacks. But researchers have found that system can be undermined...

Facebook doubles reward for bug reports in ad code

Facebook is doubling the rewards it will pay for security vulnerabilities related to code that runs its advertising system.

Fish meets phish. Guess who wins?

This university's IT department regularly sends out warnings about scammers and phishing, since some students and faculty fall prey every semester. But not everyone gets the idea.

Load More