A trio of men plugged keyloggers disguised as ordinary connectors into cash registers in a Nordstrom department store in Florida, and returned to collect days later, according to security blogger Brian Krebs.
Cyber attacks against Industrial Control Systems pose a risk to power plants and other critical infrastructure – and action is needed to ensure nations stay safe, the EU’s cyber security agency ENISA said today.
The costs of cybercrime have continued to rise for victims, for the fourth consecutive year, according to a survey conducted by the Ponemon Institute. Each cyberattack now costs companies nearly $1 million to resolve, on average – and the annualized cost to a sample of U.S. organizations was $11.56 million.
Internet Explorer users will be a great deal safer from Tuesday onwards, after Microsoft announced a patch for a vulnerability that has been exploited by attackers “for months” according to some reports.
Adobe Systems, makers of popular software such as Acrobat, admitted on Thursday that hackers had penetrated its systems and stolen source code for its Acrobat software, used to make and read PDF files. Adobe also admitted hackers had stolen data on 2.9 million customers.
Spear-phishing attacks on energy companies are becoming increasingly sophisticated, an expert has warned – and all it takes is one lucky strike to cause devastating damage to the power grid, or to companies which supply oil and gas.
Small businesses will be able to buy “cyber assurance” packages to protect against possible losses from cyber attacks – with a British insurance firm offering packages starting at £500 ($800).
An “identity theft service” which specialises in selling personal details gained access to some of the biggest consumer data firms, including Lexis Nexis and Kroll – and has had access to their computer systems “for months”. Stars such as Beyonce (pictured) had personal details leaked.
Cybercriminals are switching tactics, a leading security body has warned – and the combination of anonymisation technologies, mobile devices, and social media attacks could lead to cyberattacks with a “large impact”.
A hacked card reader – similar to the ones used in shops and restaurants – is on sale on Russian forums for $2,000, and can “text” details including PIN numbers to cybercriminals, who empty bank accounts in three hours using teams of money-launderers.
A breach which has leaked personal data for two million Vodafone Germany customers has ben claimed to be the work of an insider, according to Vodafone.
Keylogging tools to steal personal information from victims are available as a “service” from a site known as PrivateRecovery, which offers the tools for just $25 to $33 a month, according to a list of leaked records seen by researcher Brian Krebs.
Mobile banking apps pose an “important risk” to consumers as banks increasingly offer access to banking services via smartphones. A financial watchdog is to investigate the threat of bogus and malicious banking apps.
The website of the New York Times briefly disappeared this week, replaced by a banner saying, “Hacked by Syrian Electronic Army” – victim of an attack described as “sophisticated”. Twitter and the Huffington Post were also briefly affected.
One in five adults has fallen victim to hacks targeting their email accounts, social networking accounts or online bank accounts, according to a British survey conducted by the University of Kent.
Millions of dollars have been lost to an “ominous” new hi-tech tactic used by cybercriminals – where a low-powered DDoS attack is used as “cover” for a direct assault on the bank’s payment system.
The popular online “battle arena” game League of Legends has suffered a major security breach which exposed account information for North American players, as well as transaction records from 2011 including salted and hashed credit card numbers.
A hacker claims to have access to “the entire database of users on Twitter”, warning that “no account is safe”. He has leaked 15,000 account details via a file-sharing service as “proof” of his claims – although experts are skeptical.
Personal information for 14,000 U.S. Department of Energy employees has leaked in a data breach, according to the Wall Street Journal. It’s the second major breach the Department has suffered this year.