FIN8, a hacker group that targeted POS devices in the hospitality and retail sectors, is back on the scene with new malware, including the Badhatch backdoor that's designed to steal payment card data, according to researchers with Gigamon's threat detection unit.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
The Internal Revenue Services' internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to a U.S. Government Accountability Office audit.
An Australian cybersecurity company says it tricked BlackBerry's Cylance Protect anti-virus product into believing that some of the most pernicious types of malware, including WannaCry and the SamSam ransomware, were benign programs.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
From malware and phishing to cryptojacking and man-in-the-middle attacks, mobile threats are rampant, and organizations need to stay a step ahead. Traditional threat management has been reactive. But IBM and Wandera have joined forces to stop threats dead in their tracks before they get close to your environment.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
Apple has taken an extraordinary move to protect its users from a yet-to-be-disclosed vulnerability that could compromise Macs that have the Zoom video conferencing software installed. It released a silent update to remove a vulnerable left-behind local web server, which likely has a remote code execution flaw.
Cybersecurity firm McAfee is reportedly planning a return to the public market, eyeing an IPO that could happen as early as later this year, raise $1 billion and value the company at $5 billion, The Wall Street Journal reports. The news comes amid a record volume of technology sector IPOs, including for Crowdstrike.
Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings. Find out what other security experts have to say.
Sensitive information, including credit card and phone numbers, was left exposed to the internet on an unsecured database belonging to Fieldwork Software, which provides cloud-based services to small businesses, researchers note in a new report.