Latest News
Shoddy server configuration gives researchers glimpse into PunkeyPOS
PandaLabs was able to work around the password to access the server controlling PunkeyPOS without credentials because the bad guys didn't properly configure it, the researchers said.
Nuclear EK drops out of sight: Check Point
Researchers at Check Point are taking credit for knocking the Nuclear Exploit Kit out of use, but another security company is questioning whether Check Point should have kept its knowledge under wraps to not tip off the bad guys.
Carbonite resets passwords after attackers target user accounts
Carbonite announced a forced password reset after the online backup provider discovered attackers attempting to access its user accounts.
Code generator for Swagger spec vulnerable to remote code execution
Rapid7 yesterday publicly disclosed a class of vulnerabilities in Swagger-codegen, a code generator for the OpenAPI specification, aka Swagger)
Air India frequent flier miles hacked
Unidentified individuals hacked into the loyalty program of at least 20 accounts at Air India to steal nearly $24,000 worth of frequent flier miles.
Data Breach Blog
Vermont Fish & Wildlife Department reports customer data compromised
The Vermont Fish & Wildlife Department reported that customer data may have been compromised on two separate occasions.
Featured News
Blasphemy! Godless malware preys on nearly 90 percent of Android devices
Godless, an emerging mobile malware threat capable of rooting Android phones, has started to adopt the traits of an exploit kit, in that it searches for multiple vulnerabilities through which it can automatically infect a victim.
The Threat Hunter Blog
Reports of the deaths of Angler EK and Necurs Botnet may be premature
There have been quite a few reports by researchers over the past week or so that the Necurs botnet and the Angler exploit kit are dead and buried. But don't hold your breath and don't get rid of your Angler signatures just yet.
June issue now available!
June 2016 Product Reviews
Opinions
Speak the board's language or get fired
A communication gap exists today between CISOs and the board of directors, says Feris Rifai, CEO, Bay Dynamics.
Government surveillance from Caesar to Nixon
Government surveillance is, however, not new, says Patrick O'Kane, barrister and compliance counsel.
Director's Cut
RECENT COMMENTS
SC Magazine Articles
- New RAA ransomware written in JavaScript discovered
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Access to 70,000 hacked servers sold on hacker marketplace; industry reacts
- Gartner's top-10 list of infosec techs addresses concerns over cloud, IoT
- CEO sacked after aircraft company grounded by whaling attack
- New RAA ransomware written in JavaScript discovered
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components