Image The Internal Revenue Service has confirmed a data breach of 100,000 taxpayers' account information. According to a statement posted on the IRS website, criminals allegedly used sensitive information stolen from non-IRS sources to gain unauthorized access to taxpayers' accounts. To access the site, the criminals made use of...

Image It's been almost a year since what some analysts consider the first successful major threat to mobile banking, known as Svpeng, hit the United States. Spreading via a text message campaign, the Svpeng malware went after Android phones. While Svpeng didn’t steal mobile banking credentials, it did detect the presence of certain...

Image A security firm has revealed that upwards of 2.8 million users have downloaded scareware masquerading as legitimate Minecraft apps off of Google Play Store. According to a blog post written by Lukas Stefanko, a Malware Researcher for ESET, 30 malicious applications pretending to be cheats for the popular computer game...

Image For some reason, Europe’s ‘The Final Countdown’ was playing in my head as I sat and pondered this write-up. I suppose that’s fitting given that we are about to cross the 60-day mark until Windows Server 2003 goes End-of-Life. The concept of product EOL can be confusing, especially given the frequent cross-contamination that...

Image Last week, we explored the story of Randall Charles Tucker, a serial distributed denial of service (DDoS) attacker who targeted the websites of government authorities whom he felt were guilty of unjust behavior. We now report on the story of Brandon Bourret and Athanasios Andrianakis, two men who developed an app that searches...

Image Thousands of patients have been alerted that their medical records were potentially stolen in a data breach that affected at least three hospitals located in Bergen County, New Jersey. According to officials, an employee of Medical Management LLC, a healthcare billing company located in North Carolina, allegedly stole the names,...

Image While we're all collectively struggling with how to internalize Logjam, a high-profile vulnerability that doesn't have a catchy logo, I'd like to take those who are interested aside for a moment to consider how we might talk about the threat this vulnerability poses. I'll start with some basics, but if you want more technical...

Image We at Tripwire would like to encourage everyone to vote for their favorite security blogs in the third annual EU Security Blogger Awards 2015! Tripwire is especially proud to have been named a finalist for five categories in this year's awards among numerous other respected publications and professionals. The State of Security...

Image A security researcher has made a ransomware removal kit available online with the hope that it will help security professionals and system administrators alike in responding to instances of ransomware infection. Researcher Jada Cyrus has published the kit on Atlassian Bitbucket. The kit itself consists of removal tools for...

Image It's the kind of bad news that every organisation hopes it will never have to find itself sharing with its customers - hackers have breached computer systems, and accessed a database containing sensitive personal information. On this occasion, the corporate victim warning 1.1 million customers that an attack has occurred is...

Image During my career, I have built and managed hundreds of production-level client and server systems, and nothing can be more worrisome than when it comes time to apply patches and upgrades to software. Why? Because things can, and often times, do go wrong during patch and upgrade cycles. According to a few reports, it is possible...

Image Telstra's Pacnet has begun contacting its customers following the discovery of a data breach that compromised its corporate IT servers on which customer data is stored. Several high-profile Pacnet customers, including the Australian Federal Police and other government agencies, were exposed by the breach. It is unclear at this...

Image A new potentially high-impact vulnerability called LogJam has been revealed by researchers, which has similarities to the FREAK (CVE-2015-0204) vulnerability disclosed a few months ago, whereby a man-in-the-middle attack can be implemented to weaken the encryption between client and server. Like FREAK, the LogJam vulnerability...

Image Last week, we published a list of the top 10 conferences in information security. In our article, we strove to include some of the biggest events in the industry. But realizing that we likely missed a few, we invited you – our readers – to write in and let us know of the conferences you feel should have made the list. Thank you...

Image Protecting enterprise networks is a constant game of cat and mouse between information security professionals and malicious actors targeting their assets. Attackers are constantly changing their tactics for both establishing their foothold in the network, as well as methods on how to exfiltrate data back to systems they control....

Image According to a recent report, analysts discovered a record-breaking 4.1 million new malware threats in the second half of 2014. Image Researchers at German antivirus firm G DATA revealed that the 77 percent spike from 2013 resulted in nearly six million new malware strains identified...

Image A security firm has discovered a vulnerability in Apple’s Safari Browser that allows attackers to spoof legitimate websites and phish for user credentials. Security firm Deusen reveals that the flaw works by using a short script to force Safari into loading one page while still displaying the URL of another page. This script is...

Image On Friday May 15th, a Canadian news outlet published a copy of the application for a search warrant filed by the FBI after Chris Roberts was removed from a United flight for tweeting about hacking a plane. If you’ve never read a search warrant for electronic devices, it’s an educational read. The purpose of the warrant was to...

Image Last week, we explored the story of Valérie Gignac, a Canadian woman who is believed to have hacked users’ webcams and subsequently harassed them. We now report on the story of Randall Charles Tucker, a serial distributed denial of service (DDoS) attacker who targeted the websites of government authorities whom he felt were...

Image Some mods of the popular computer game Grand Theft Auto V have been found to contain malware. In the game’s online forums, users have identified malicious code in the ‘Angry Planes’ and ‘Noclip’ mods. The former spawns planes that attack players, and the latter allows players to walk through walls and other objects. One...