Department store chains Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor have suffered a data breach that apparently exposed details on 5 million payment cards. Cybersecurity firm Gemini Advisory says the JokerStash syndicate - aka Carbanak gang - is selling the stolen card data.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
Five days after a ransomware outbreak crypto-locked city systems, Atlanta has advised its 8,000 employees that they can once again boot their PCs and printers. But information security experts warn that the city's infrastructure still appears to have easily exploitable misconfigurations.
Ransomware isn't an easy area to study. But a team of researchers has calculated the minimum paid by all ransomware victims over a two-year period, and found that nearly 75 percent of the bitcoins attackers received got funneled onto Russia's now-shuttered BTC-e cryptocurrency exchange.
The alleged leader of a cybercrime gang tied to more than $1 billion in losses has been arrested in Alicante, Spain. Authorities say "Denis K." is a Ukrainian national who led a gang that developed Carbanak and Cobalt malware to infect PCs as well as perpetrate ATM jackpotting attacks.
Facebook is facing a new controversy after some users say they've found records of phone calls and text messages in their personal files, but claim they never granted the social networking site permission to collect the data.
The U.K. government concurs with allegations contained in a U.S. Department of Justice indictment, which charges nine Iranians, plus the Mabna Institute, with perpetrating a five-year hacking campaign designed to steal scientific secrets for Iran's military and private industry.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
The notorious "lone hacker" known as "Guccifer 2.0," who claimed credit for breaching the Democratic National Committee and dumping stolen emails, failed to activate a VPN client at least once, revealing an IP address at the headquarters of Russia's GRU military intelligence agency, the Daily Beast reports.
The U.S. Department of Justice has announced the indictment of nine Iranians alleged to have penetrated systems belonging to hundreds of U.S. and foreign universities, government entities and private companies to steal more than 31 terabytes of documents and data.
Ransomware has struck the city of Atlanta and frozen internal and customer-facing applications, hampering residents from paying bills or accessing court information. But the city says it has working backups and expects to pay employees on time.
A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. Many of those targeted have connections to the South China Sea.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.