Russian APT comes back to life with new US spear-phishing campaign
Cozy Bear (APT29) makes a comeback after last year's Dutch and Norwegian hacking campaigns.
Trump signs bill that creates the Cybersecurity and Infrastructure Security Agency
The US now has an official federal cybersecurity agency.
Google Play Protect analyzes every Android app that it can find on the internet
Play Protect, a security service included in the Play Store app, lives up to all the hype that Google created last year.
AWS rolls out new security feature to prevent accidental S3 data leaks
New settings will prevent accidental S3 bucket leaks --if customers take the time to apply them.
Most antivirus programs fail to detect this cryptocurrency-stealing malware
Traditional antivirus software has a tough time detecting malware used in the campaign.
Winter Olympic Games hackers are back with an updated arsenal
The group behind Olympic Destroyer are back with an evolved toolkit and malware droppers.
Malicious code hidden in advert images cost ad networks $1.13bn this year
So-called steganography is rapidly becoming a favored tool of fraudsters.
Most ATMs can be hacked in under 20 minutes
Experts tested ATMs from NCR, Diebold Nixdorf, and GRGBanking.
Google to pay JavaScript frameworks to implement performance-first code
Google to create $200,000 fund to sponsor the addition of "on by default" performance-related updates in popular JavaScript frameworks.
DOD disables file sharing service due to ‘security risks’
AMRDEC SAFE portal had been to handle the transfer of classified and non-classified materials.
Japanese cybersecurity minister finds computers a mystery
The man in charge of cybersecurity not only said he does not use a PC but seemed stumped when asked about risks associated with USB drives.
One in five Magecart-infected stores get reinfected within days
A large number of reinfections take place within a day or week. Average reinfection time is 10.5 days.
Dutch government report says Microsoft Office telemetry collection breaks GDPR
Microsoft pledges to address issues; has already released a "zero exhaust" Office telemetry setting.
Many free mobile VPN apps are based in China or have Chinese ownership
Chinese affiliation raises a sign of alarm in light of China's recent clampdown of "unauthorized" VPN services.
Guilty of your roots: Why Kaspersky believes tech nationalism is on our doorstep
The answer lies in why Kaspersky has now moved core systems from Russia to Switzerland.
Researchers discover seven new Meltdown and Spectre attacks
Experiments showed that processors from AMD, ARM, and Intel are affected.
Card skimming malware removed from Infowars online store
Infowars online store hit by brief Magecart incident that lasted around 24 hours. Less than 1,600 users may have been affected.
Microsoft patches Windows zero-day used by multiple cyber-espionage groups
Kaspersky: Windows zero-day exploited by multiple cyber-espionage groups.
Facebook patches another bug that could have allowed mass-harvesting of user data
Imperva security researcher publicly discloses bug today, but Facebook patched the issue back in May.
Google traffic hijacked via tiny Nigerian ISP
A large chunk of the hijacked traffic passed through the network of a controversial Chinese state-owned telecom provider that was previously accused of intentionally misdirecting internet traffic.
Instagram flaw exposes user passwords
A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users.
The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...
Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week
Safer browsing, more bitcoin scams, and the rest of the week's top security news.
SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
Plus, why is Kaspersky Lab getting into chess? Roundup What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
Is retaining a cybersecurity attorney a good idea for your business?
Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.
Machine Learning Can Create Fake ‘Master Key’ Fingerprints
Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.
