Skip the navigation

More Cybercrime and Hacking News

Aloha point-of-sale terminal, sold on eBay, yields security surprises

Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal -- a brand of computerized cash register widely used in the hospitality industry -- on eBay for $200.

Emergency vBulletin patch fixes SQL injection vulnerability

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate information stored in the databases of vBulletin-based sites.

Feds declare big win over Cryptolocker ransomware

A status update filed in Pennsylvania by the U.S. Department of Justice said that both the Gameover Zeus botnet and Cryptolocker 'remained neutralized.'

How to sign up for Microsoft's restored security alert email service

Microsoft has restored service to its security advisory mailing list, but it has buried the sign-up form and made it hard to find.

Oracle to release 115 security patches

Oracle is planning to release 115 security patches for vulnerabilities affecting a wide array of its products, including its flagship database, Java SE, Fusion Middleware and business applications.

The biggest data breaches of 2014 (so far)

In the battle to keep your personal information private, it's not just hackers you have to worry about but lax security and stupidity.

Source code for tiny 'Tinba' banking malware leaked

The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.

Gmail users on iOS at risk of data theft

Apple users accessing Gmail on mobile devices could be at risk of having their data intercepted, a mobile security company said Thursday.

International police operation disrupts Shylock banking Trojan

Police from eight countries together with several private security companies disrupted the online infrastructure used by cybercriminals to control computers infected with a malware program called Shylock.

New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on

The Department of Homeland Security mistakenly released details on an experiment in which a 27-ton generator was destroyed via a cyberattack.

Botnet aims brute-force attacks at point-of-sale systems

Thousands of compromised computers are actively trying to break into point-of-sale (POS) systems using brute-force techniques to guess remote administration credentials.

Russian Windows leaker denies link to ex-Microsoft worker who stole trade secrets

Notorious Russian leaker Wzor denied any link between the publication of internal Microsoft info and a former employee who stole trade secrets.

Snowden applies for extended asylum in Russia

U.S. National Security Agency whistleblower Edward Snowden has applied for extended asylum in Russia, according to news reports.

Spamhaus pushes for arrests of alleged DDoS participants

An antispam organization is pushing for quick law enforcement action against five people it alleges took part in one of the largest cyberattacks on record that caused Internet outages throughout Europe early last year.

Chinese hackers switched targets to U.S. experts on Iraq

A sophisticated Chinese hacker group that had been stealing information from U.S. policy experts on Southeast Asia suddenly changed targets last month to focus on Iraq, security researchers said Monday.

Blue Shield discloses 18,000 doctors' Social Security numbers

The Social Security numbers of roughly 18,000 California physicians and health-care providers were inadvertently made public after a slip-up at health insurance provider Blue Shield of California, the organization said Monday.

Accused Russian point-of-sale hacker arrested, will face U.S. charges

A Russian man suspected of hacking into point-of-sale systems at U.S. retailers has been arrested and faces charges in a U.S. court, the Department Justice said.

Attack on Dailymotion redirected visitors to exploits

Attackers injected malicious code into Dailymotion.com, a popular video sharing website, and redirected visitors to Web-based exploits that installed malware.

No-IP regains control of some domains wrested by Microsoft

A Nevada-based company has regained control of the majority of domains seized by Microsoft in a legal action aimed at shutting down botnets.

PF Chang's says breach was 'highly sophisticated criminal operation'

Restaurant chain P.F. Chang's China Bistro says the theft of credit and debit card information from some of its restaurants earlier this year was "part of a highly sophisticated criminal operation."