Security experts are warning that millions of systems - Apache servers, Linux and Mac systems, and innumerable Internet of Things devices - may be vulnerable to a flaw in Unix that attackers are already using to gain shell access.
Financial institutions are starting to report fraud tied to the massive Home Depot payment card data breach. One card issuer calls the fraud ramp up "much greater than what we saw from Target, Michaels and Neiman Marcus."
Fraudsters continue to make inroads against financial institutions based in the United Kingdom - and beyond - because banks aren't working together to share information about the attacks they see, according to presenters at the London Fraud Summit.
A researcher says he tricked the Touch ID biometric fingerprint scanner built into the new iPhone 6, using a fake fingerprint created with glue. But it remains to be seen how well would-be fraudsters could employ this technique.
Travel-booking website Viator is notifying approximately 1.4 million customers about a data breach that could potentially affect payment card data, along with other personal information, used to make bookings.
Home Depot says an estimated 56 million payment cards were exposed in a data breach at its U.S. and Canadian stores. The retailer says an investigation revealed the breach involved custom-built malware not used in other cyber-attacks.
A cross-site scripting vulnerability at eBay.co.uk left an undetermined number of users susceptible to an attack that attempted to steal their credentials when they clicked on links within a listing offering a used iPhone for sale.
Apple announces security and privacy changes tied to the release of iOS8, including better data encryption, more secure iCloud backups, and a corporate promise to be more transparent. But it delays release of its HealthKit.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
C&K Systems, the vendor identified by Goodwill as the source of a breach that impacted about 330 of its stores, has confirmed details of the 18-month breach of its "hosted managed services environment" affecting three of its clients.