It has been a fairly slow year for Mac malware. But a former NSA researcher has dug into the first Mac malware sample that was detected earlier this year - dubbed "Fruitfly" - and found at least 400 computers, and possibly more, infected with a variant of the malware.
Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.
Dow Jones is blaming user error for an Amazon Web Services S3 bucket misconfiguration that exposed data on about 2.2 million customers. In recent months, Verizon, WWE, Scottrade and a data analytics firm aligned with the Republican Party have been similarly caught out.
An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Analytics can play a critical role in cracking down on identity fraud, says Shaked Vax, Trusteer products strategist at IBM Security, who explains how to use the latest tools to identify network intruders.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
As the count of NotPetya victims grows, Ukraine warns that it's also being targeted with a new WannaCry lookalike that hit state power distributor Ukrenergo. Security researchers say that marks the fourth recent campaign targeting Ukraine that's based on lookalike ransomware.
A massive, global ransomware outbreak has been hitting airports, banks, shipping firms and other businesses across Europe and beyond. Security experts say the apparent Petya variant appears to spread in part by exploiting the "EternalBlue" SMB flaw in Windows, previously targeted by WannaCry.
How can a supercomputer help enterprise security teams respond to today's evolving threat landscape? Martin Borrett of IBM and Ronan Murphy of Smarttech discuss the promise and impact of Watson for Cyber Security.