Fresh Target Breach Cards Hitting Black Market
A Bitcoin-powered marketplace is selling stolen card data in small batches, offering card validity guarantees, an RSA presentation reveals.
InformationWeek (February 28, 2014)
IBM Software Vulnerabilities Spiked In 2013
Most code flaws still involve non-Microsoft products, and overall patching speed has improved, study presented at RSA conference finds.
InformationWeek (February 27, 2014)
Apple Patches Mavericks SSL Flaw: Update Now
Security update patches "goto fail" flaw that enables attackers to intercept communications, but won't help the 23% of Macs running older OS X.
InformationWeek (February 26, 2014)
Apple SSL Vulnerability: 6 Facts
SSL vulnerability that's been patched in iOS -- but not yet for OS X -- lets attackers intercept email and FaceTime communications, plus push malicious software updates.
InformationWeek (February 25, 2014)
Healthcare Devices: Security Researchers Sound Alarms
Default usernames, weak passwords, and widespread Windows XP Embedded systems are cause for concern, SANS Institute researchers say.
InformationWeek (February 24, 2014)
WebView Exploit Affects Most Android Phones
Critical bug affects devices running Jelly Bean (4.2) and earlier Android OSs, including fully updated versions of Google Glass, says Metasploit.
InformationWeek (February 19, 2014)
Bye, Bitcoin: Criminals Seek Other Crypto Currency
Law enforcement crackdowns, hack attacks, and market volatility drive Russian fraudsters to mint their own virtual currency systems.
InformationWeek (February 18, 2014)
Snowman Attack Campaign Targets IE10 Zero-Day Bug
Military personnel appear to be the targets of watering-hole attacks from a hacked VFW website.
InformationWeek (February 14, 2014)
Target Breach: Phishing Attack Implicated
Report suggests malware-laced email attack on Target's HVAC subcontractor leaked access credentials for retailer's network.
InformationWeek (February 13, 2014)
Florida Sting Nabs Alleged Bitcoin Money Launderers
Florida undercover agents posed as fraudsters seeking to convert cash -- supposedly from stolen credit cards -- into the anonymous, cryptographic currency.
InformationWeek (February 10, 2014)
Data Breach Notifications: Time For Tough Love
Target and Neiman Marcus came clean quickly about their data breaches, but most business don't. It's time for standards -- and fines.
InformationWeek (February 7, 2014)
Target Breach: HVAC Contractor Systems Investigated
Hackers may have used access credentials stolen from refrigeration and HVAC system contractor Fazio Mechanical Services to gain remote access to Target's network.
InformationWeek (February 6, 2014)
Hotel Company Investigates Data Breach, Card Fraud
White Lodging, which manages 168 hotels under Hilton, Marriott, and Sheraton brand names, is investigating a suspected credit and debit card breach.
InformationWeek (February 5, 2014)
British Spies Hit Anonymous With DDoS Attacks
British cyber agents attacked Anonymous chat rooms, leaked intelligence documents show.
InformationWeek (February 5, 2014)
Michaels Stores Investigates Data Breach
Arts-and-crafts retailer goes into damage-control mode after banks report fraud possibly tied to shoppers' credit cards.
InformationWeek (January 27, 2014)
Target Breach: Why Smartcards Won’t Stop Hackers
"Chip and PIN" smartcard adoption in the United States is long overdue. But the security improvement wouldn't have stopped Target’s BlackPOS malware attackers.
InformationWeek (January 24, 2014)
Target Breach: 5 Unanswered Security Questions
Investigators have yet to explain how Target was hacked, whether BlackPOS malware infected its payment servers, and whether the same gang also struck other retailers.
InformationWeek (January 22, 2014)
Microsoft Delays Windows XP Antivirus Doomsday
Security Essentials for XP gets 15-month extension, but some antivirus vendors promise updates through 2017 and beyond.
InformationWeek (January 16, 2014)
Is Mob-Busting RICO Overkill For Combating Cybercrime?
The milestone conviction of 22-year-old David Camez for his participation in a Russian-run "carder" forum raises legitimate questions about the role of RICO in taking down cybercrime.
InformationWeek (December 17, 2013)
Energy Department Breach Years In Making, Investigators Say
July data breach that affected up to 150,000 employees traces back to a string of managerial and technical failures, investigators conclude.
InformationWeek (December 16, 2013)
Hardware Hacker Demos Zombie Drone Hijacker
The SkyJack drone automatically seeks out and hijacks other nearby Parrot drones. Will this mean trouble for Amazon's planned drone delivery fleet?
InformationWeek (December 04, 2013)
NSA Surveillance Infected 50,000 PCs With Malware
Leaked document details agency's "implants," satellite intercepts, joint CIA eavesdropping operations, and embassy-based monitoring programs abroad.
InformationWeek (November 25, 2013)
Twitter Two-Factor Lockout: One User's Horror Story
Is the security payoff from using Twitter's two-factor authentication system worth the risk of losing account access?
InformationWeek (October 29, 2013)
Chinese Antivirus Firm NQ Called 'Massive Fraud'
Mobile anti-malware software developer NQ Mobile denies charges that it inflates its market share and makes spyware.
InformationWeek (October 25, 2013)
Experian Breach Fallout: ID Theft Nightmares Continue
Data brokers amassing gigantic data stores of people's valuable personal information are too big to not fail. Why are consumers getting stuck with the mess?
InformationWeek (October 25, 2013)
Browser Fingerprinting: 9 Facts
Tracking technology that can identify individual identities and devices is improving faster than consumers might realize, warn privacy researchers.
InformationWeek (October 24, 2013)
Forget Captcha, Try Inkblots
Researchers propose using an inkblot-matching scheme, dubbed Gotcha, to defeat dictionary-based hacks of the Captcha system.
InformationWeek (October 17, 2013)
Dept. Of Energy Breach: Bigger Than We Realized
DOE says July data breach affected more than double the number of people in initial estimates. CIO tasks an independent investigator to probe breach and agency's technology infrastructure.
InformationWeek (October 22, 2013)
Stratfor Hacker: FBI Entrapment Shaped My Case
Online Health Exchanges: How Secure?
Hacker Jeremy Hammond asks for leniency before sentencing, citing the role of FBI informant Sabu in his case. How far can the FBI go with suspected computer criminals?
InformationWeek (October 04, 2013)
Is the data hub created by Obamacare a hacker's dream?
InformationWeek (October 02, 2013)
Can You Hack A Heartbeat?
Nymi biometric wristband promises to let you unlock everything from cars to hotel rooms without a PIN or password. It authenticates you using heart rhythms.
InformationWeek (September 04, 2013)
Exclusive: Anatomy Of A Brokerage IT Meltdown
Regulators last year issued the SEC's first-ever privacy fine against broker-dealer GunnAllen for failing to protect customer data. But former IT staffers say regulators didn’t seem to know half of this cautionary tale of outsourcing and oversight gone wrong.
InformationWeek (October 08, 2012)