Latest News
Avast patches its web browser after Google finds flaw in Chromium-inspired product
Czech security software firm Avast Software has patched a severe vulnerability in its SafeZone web browser that if exploited could have granted hackers sweeping access to compromised computers.
Skype targeted by T9000 backdoor trojan
Palo Alto Networks researchers have spotted a new, more complex backdoor trojan that is targeting Skype users and which can identify and evade the security software found on the victim's computer.
Remtasu trojan latest tactic: posing as malicious Facebook app
The Windows-based trojan Remtasu has switched tactics, disguising itself as a malicious application for accessing people's Facebook account credentials.
Clean house to keep WordPress infection from coming back again and again
Malware keeps re-infecting sites and installing multiple backdoors in WordPress websites, according to a researcher from Sucuri Security.
Vulnerabilities allow delivery of malware through web page fonts
Vulnerabilities in the Graphite font processing library affects Firefox, OpenOffice, Thunderbird, Pale Moon, WorldPad and many Linux distributions.
Data Breach Blog
Unauthorized access leads to Neiman Marcus Group breach, 5,200 affected
Neiman Marcus Group (NMG) reported that someone gained unauthorized access to thousands of online customer accounts.
Missing drives contained PHI on 950K Centene customers
During an inventory of its IT assets, health insurer Centene discovered that six hard drives containing personal and health information on 950,000 customers had gone missing.
University of Virginia hit with Phishing scam, 1,400 affected
The University of Virginia (UVA) suffered a data breach that was initiated via a phishing scam that revealed the tax and banking data of some of the school's employees.
Featured News
Private sector can't ignore threat intel
As IT security decision-makers wrestle with how to evaluate threat intelligence solutions, especially in light of the recent demise of intel provider Norse Corp., a new report highlighted the perils of ignoring threat intelligence.
February issue now available
The Threat Hunter Blog
STIX Wrap-Up
Well, after a bit of travel that slowed me down, we're ready to wrap up our introduction to STIX. We ended last time on a high level overview of the APT1 campaign as presented by Mandiant/FireEye. That top level looked a bit like Figure 1:
SC Poll
Director's Cut
Opinions
Me and my job: Gina Chapman
Gina Chapman, senior director of security operations, Center for Internet Security
Threat of the month: February 2016
Threat of the month: Man-in-the-middle attack
Debate: Cybersecurity information sharing allows network defenders to stay ahead of adversaries.
Debate: Cybersecurity information sharing allows network defenders to stay ahead of adversaries.
Sign up to our newsletters
SC Magazine Articles
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- TaxAct breached: Customer banking and Social Security information compromised
- Avast patches its web browser after Google finds flaw in Chromium-inspired product
- Skype targeted by T9000 backdoor trojan
- Clean house to keep WordPress infection from coming back again and again
- Robin Who? Dridex botnet replaced with antivirus software
- Alums file class action against UCF for PII exposure during breach