A security firm has observed that a new type of crypto ransomware whose theme is styled around the popular television series Breaking Bad is targeting Australian computers. In a post published on its Security Response blog, Symantec discusses how the ransomware incorporates several elements from Breaking Bad, which premiered in 2008 and aired its...

Last week, we explored the story of Konstantin Simeonov Kavrakov, a Bulgarian who hacked Bill Gates’ bank account and stole thousands of dollars. We now report on the story of Valérie Gignac, a Canadian woman who is believed to have hacked users’ webcams and subsequently harassed them. According to a statement published by the Royal Canadian Mounted...

According to reports, Google Inc. is planning to release its next Android version with a feature users have been asking for years now – more granular controls to protect their privacy. In a Bloomberg article, sources stated the new feature would now give users the ability to select specific...

Now more than ever, it’s evident cybersecurity risk oversight at the board level is essential to keep any business or organization afloat – and off the headlines. However, despite the abundance of data breaches and high-profile cyber attacks, C-level executives still lack understanding of these cyber risks, as well as confidence in their...

What's happened? A widespread vulnerability has been found in WordPress, that impacts millions of websites running the popular blogging software and content management system. What's the vulnerability? It's a cross-site scripting (XSS) vulnerability inside the popular JetPack plugin. and the default Twenty Fifteen theme installed on all WordPress...

The number of data breaches increased 27.5% in 2014, making measures against these types of security incidents increase significantly among large companies. What about small businesses? Do they really stand a chance against hackers and security incidents? Being a small company might make you think no hacker will bother stealing your data. But, just...

Recently, we compiled a list of the top 10 highest paying jobs in information security in an effort to help individuals navigate this exciting field as a career choice. That being said, we would be remiss if we stopped there. Information security is continuously evolving, so knowing which events offer the best opportunities for learning new ideas...

With acceptance that the prospect of unauthorised incursion, hacks and/or compromise of corporate, and personal systems is to now be expected, it would seem to make good sense to accommodate mechanisms with which the organisation may respond to such manifestation as and when they are encountered. It is this awareness which is driving many reputable...

Netflix announced on Monday the open source release of its very own system designed to analyze and categorize security events, and automatically respond to urgent incidents. The popular streaming service released its Fully Integrated Defense Operation, dubbed FIDO, after its implementation more than...

A television service provider has blamed the Lizard Squad hacking group on a series of channel service interruptions that affected weekend programming, including the highly anticipated boxing match between Manny Pacquiao and Floyd Mayweather. According to Buckeye CableSystem, which services cable customers in northwest Ohio and parts of southeast...

I've been talking to many different organizations recently about their sources of threat intelligence, and one thing I've heard numerous times is that some of the most timely, valuable threat intelligence they are receiving is via email. I’ve even heard that we’ve made some progress with STIX, as sometimes STIX content is attached to the emails...

Under proposed legislation that has been introduced to Congress in recent months, U.S. companies would be empowered to decide whether to alert their customers in the event of a data breach. According to an article published by the Wall Street Journal, the legislation would limit the need for companies to notify their customers of a security incident...

Last week, Tripwire explored the story of Austin Alcala, a teenager who penetrated a number of American videogame corporations and the United States military as a member of an international hacking group. We now report on the story of Konstantin Simeonov Kavrakov, a Bulgarian hacker who is responsible for having infiltrated Bill Gates’ bank account...

"The more I learn, the more I realize how much I don't know.” – Albert Einstein Being involved in information security is intimidating. Not just because you are dealing with complex technology with serious implications if you fail, but everyone around you is going to be smarter than you. Even your adversaries. Especially your adversaries. Get...

The Hard Rock Casino in Las Vegas has been hit with malware leading to the compromise of credit card data, names and addresses at restaurant, bar and retail locations. The compromise did not affect the hotel or casino transactions. At this time, no details regarding the specific malware or other specifics regarding the compromise were provided....

A security firm has identified a new malware campaign on Careerbuilder.com, a popular job search website, in which attackers are using phishing and social engineering techniques in order to trick users into opening malicious documents. In a post published on its security blog, Proofpoint explains...

You know what I don’t want to talk about any more? Responsible disclosure. The problem is that, as old as that discussion is for information security, it and the adjacent topics, remain relevant for many other industries. There’s a good chance you caught the media coverage of a recent incident...

The Federal Bureau of Investigation (FBI) is assisting Rutgers University investigate the source of a second targeted attack that has crippled the university’s Internet in the past month. “The Federal Bureau of Investigation is assisting the university with its search,” agency spokeswoman Celeste Danzi explained on Wednesday. ...

Thirty thousand people; five hundred vendors; a clan of security practitioners seeking out safety in their ecosystem; a tribe of knowledge pursuing the opportunity to share best practice and thought leadership to increase likelihood of survival... my first RSA. Amit Yoran’s Keynote suggests that an evolution out of the Dark Ages of Security is...

Today, security engineers at Google announced the release of a new browser extension aimed to help users better protect their Google accounts against phishing attacks. Known as Password Alert, the free, open-source Chrome extension works by alerting users when they enter their passwords into any non-Google site. “Once you’ve installed and...