Fancy a career as a blackmailing cybercriminal but don't have the technical nous? Don't worry, you can easily find people all too willing to help you embark on your life in cybercrime via popular freelance-hiring websites. And, it seems, you may only need to pay five dollars to get a hacker to launch a debilitating denial-of-service attack against...

The LinkedIn hack of 2012 just got a whole lot worse. If you recall, in 2012 LinkedIn reset users' passwords after hackers broke into the network, stole a database of password hashes, and posted some 6.5 million account credentials on a Russian password forum. LinkedIn was left humbled by the security breach, which revealed that they had not used a...

In February 2015, the FBI seized control of computer servers running a child sexual abuse website called Playpen. But rather than shutting down the site immediately, the FBI chose to continue to make the site available, planting software that could collect the real IP and MAC addresses of users. On a regular website that might not be a hard thing to...

You know you're living in interesting times when an app designed to tell you if your iOS device has been jailbroken is outselling the likes of Minecraft and Grand Theft Auto. And that's exactly what a new app called System and Security Info has managed to do, topping the paid apps chart ahead of some of the world's most famous games. ...

Baby retailer Kiddicare has alerted nearly 800,000 customers that a recent data breach led to the exposure of their personal information. The UK-based company notified potentially affected customers via email, stating that the compromised information included names, delivery addresses, emails and phone numbers. Kiddicare stressed that the...

Business secrets could be at risk, after researchers discovered a worrying number of developers were posting access credentials for the Slack chat system on GitHub, embedded inside code repositories and public gists. Detectify Labs blew the whistle on the problem, reporting that it had uncovered thousands of Slack access tokens by simply searching...

The desktop edition of the Opera web browser is getting a free, built-in VPN offering users a more secure and private browsing experience. The feature, announced on Opera's blog, making it the first major browser to integrate a VPN service. Opera's built-in VPN, which is currently incorporated into the Windows and Mac developer editions of the...

Researchers at BAE Systems have published a report investigating the return of the Qbot network-aware worm, revealing infections on some 54,517 PCs. 85% of the affected systems are based in the United States, with academic, government and healthcare industry networks particularly badly hit. Earlier this year, for instance, the media reported that...

A former employee of the U.S. State Department has been sentenced to close to five years in prison for an online sextortion scheme targeting young women. On Monday, U.S. District Judge Eleanor Ross sentenced 36-year-old Michael C. Ford to 57 months in prison followed by three years of supervised release, reports the Washington Times. ...

Some of the world's most popular news and entertainment websites have been spreading poisoned adverts to potentially hundreds of thousands of visitors, putting innocent readers at risk of having their computers hit by threats such as ransomware. Famous sites which displayed the malicious ads and endangered visiting computers include MSN, bbc.com,...

Did you visit a Rosen Hotels & Resorts property between September 2014 and February 2016? If so, there's a chance that your credit card details may be in the hands of a criminal gang. Rosen Hotels has published a statement on its website, revealing that it is the latest in a long line of hotel chains and retailers to have suffered at the hands of...

The RSA Conference is taking place in San Francisco this week, and all the big names in computer security have converged on the Moscone Center where they will happily tell you all about their products, services and latest research. And the only cost for you is that the vendors will likely want to scan your badge if they think you're a potential lead...

If malware on your Android phone doesn't steal any of your information, doesn't spy upon your activities, doesn't infect any of your files, and remains invisible... can we still consider it a bad thing? I think the answer is yes, but some security measures appear to turn a blind eye to a Trojan that security researchers at ESET have dubbed "Porn...

Security researchers are warning owners of Android smartphones about a new malware attack, spreading via SMS text messages. As the team at Scandinavian security group CSIS describes, malware known as MazarBOT is being distributed via SMS in Denmark and is likely to also be encountered in other countries. Victims' first encounter with the malware...

Sometimes things would be better if people didn't keep their word. Take hackers, for instance. Hackers using the online handle "DotGovs" published information about 9,000 Department of Homeland Security (DHS) workers earlier this week after stealing it from the Department of Justice's intranet. Many of us probably hoped that DotGovs couldn't be...

It's one of Microsoft's best kept secrets. First released in 2009, the Enhanced Mitigation Experience Toolkit from Microsoft (EMET for short) has been helping companies reduce the risk of being exploited via unknown vulnerabilities in Windows and Windows applications. By detecting and preventing the buffer overflows and memory corruption...

For twenty years people have been running Java in their browsers. And for much of that time, malicious hackers have been exploiting vulnerabilities in the plugin to infect computers. Although the number of outbreaks caused by zero-day vulnerabilities found in the Java plugin has reduced in recent years, many users have found it hard to muster move...

In January, I discussed how scammers commonly use money-based schemes, bot spam, pay-per-follower ploys, illegitimate direct messages (DMs), and worms to harass Twitter users. These malicious actors are in it for the money and/or for unauthorized access. They do not care where or how they need to compromise someone in order to obtain what they want,...

Aerospace parts manufacturer FACC says that its financial accounting department has been attacked by hackers, who managed to steal approximately €50 million ($54.5 million) from its coffers. Perhaps surprisingly, the company, whose largest shareholder is a Chinese aviation corporation, appears not to have been hacked for its data or intellectual...

European data center services provider Interxion recently announced it had suffered a security data breach, potentially exposing the personal information of more than 23,000 existing and prospective customers. The company notified affected customers via email this weekend, saying it had become aware...