In a repeat of the attacks against British Airways and Ticketmaster, it appear that online retailer Newegg.com has been hit by the credit card harvesting gang known as Magecart.
Europol's fifth annual Internet Organised Crime Threat Assessment paints a pessimistic picture of the state of the fight against cyber-crime.
Dutch and Swiss authorities identified and arrested two Russian agents who were planning to hack into a Swiss lab analysing samples of Novichok from Salisbury and sarin gas from Syria.
Several US Senators queried Secretary of State Mike Pompeo in a letter earlier this week on why mandated cyber-security reforms, including the implementation of multifactor authentication (MFA), had not been implemented.
North Korean officials have denounced and denied a US indictment that accuses one of its citizens of helping carry out the 2017 WannaCry global ransomware attack.
Nearly one-third of surveyed companies that experienced a data breach in the previous 12 months said the incident cost certain employees their jobs.
In an effort to train up the US workforce and close the cyber-skills gap, a bipartisan group of lawmakers Thursday unveiled the Cyber Ready Workforce Act.
Police in Germany and Sweden, supported by Europol and Frontex, have arrested two suspects and searched multiple properties in a joint credit card fraud investigation.
The US Department of Justice has been busy on the cyber-crime front the past few days, accepting a guilty plea from a Russian national, extraditing a second in a separate case, and sentencing a Latvian citizen for a third hacking scheme.
The Cobalt Gang cybercrime group has launched a new round of phishing campaigns targeting primarily Russian and Romanian banking customers with CobInt, a recently discovered malicious backdoor and downloader.
The government's technical notice on GDPR suggests that businesses may have to rewrite their contracts with EU partners to transfer personal data after Brexit.
The Swiss-based data company Veeam exposed more than 445 million records when it used a misconfigured MongoDB hosted on Amazon Web Services that did not require any password to access.
The National Cyber Security Centre initiated the request that led to the company that hosted BAways.com blocking the site, but the hosting company still has not been contacted by British police, the company told SC Magazine UK.
Rarely does the future of the internet end up in court, but that's no exaggeration today at Europe's highest court.
A Russian man allegedly part of a series of hacks targeting the financial industry and resulting in the theft of data on more than 80 million people, has been extradited from the nation of Georgia to the US.
Apple has more rotten apps in its App Store than many people may realise and the company is not always quick to act in removing titles that have been proven malicious, according to two new reports.
An analysis of the British Airways payment page shows that the site is loading files from seven external domains that have little or nothing to do with payment processing, according to a security expert
Security researchers have discovered a new mobile malware campaign targeting Iranian citizens as well as evidence that the Iranian government might be behind the operation.
British Airways reported that its website and web app had been breached by attackers who downloaded customer data including credit card details, email addresses and postal addresses.
US names and indicts Park Jin Hyok, a North Korean, for the WannaCry and Sony hacks and conspiring with others to steal £62 million in the SWIFT bank hack in Bangladesh, implicating N Korean government.
Agreed definitions of cyber-attack & defence abilities, such as STIX, provide greater precision, enabling more meaningful security discussions, more closely matching defence & threat levels, says NCSC.
A shareholder in UK-based Nielsen has launched a class action lawsuit in the US alleging the company misled investors by claiming to be prepared for GDPR, a case which is potentially worrying for many other companies.
The UK will push for new EU sanctions against those responsible for cyber-attacks and gross human rights violations - and for new listings under the existing regime against Russia.
A new financial malware camouflaged as a security module and dubbed "CamuBot" is targeting Brazilian Banking customers.
Attorneys representing the plaintiffs in a federal class-action data breach lawsuit filed against Premera Blue Cross have entered a motion for sanctions against the health insurance organisation.
Former President Barack Obama may have blown through his US$ 65 million (£51 million) book deal and has resorted to blackmailing unsuspecting internet users in ransomware attacks judging by the name of a recent ransomware.
A breach at China's largest hotel operator Huazhu Hotels Group impacted more than a half-billion pieces of customer data.
Cuts since 2011 have cost the Met Police more than £700 million in funding, or nearly 40 per cent in real terms, while cyber-crime is rising, and acquiring and keeping cyber-specialists becomes harder.
International intelligence cooperation organisation Five Eyes says its governments would seek access to encrypted communications through whatever means necessary if tech companies 'impede' access.
A design error during an upgrade on a US Freedom of Information Act request site exposed personal information, including Social Security numbers, birth dates and immigrant identification numbers.
CrowdStrike researchers partially confirmed reports from the APT-hunting group Intrusion Truth, verifying several findings that allegedly draw connections between the threat group APT10 and a Chinese foreign intelligence agency.
The FBI is launching a website to help educate the public regarding campaigns that spread disinformation with the goal of influencing American society and lowering citizen's confidence in specific US individuals and institutions.
What can we learn from reading about the exploits of a successful Russian cyber-criminal, and are there lessons we can implement?
Spanish bank DDoS'd reaction; 100 days on from GDPR...And 500 for the end of Windows 7; Chinese hackers target Japan & west; Fiserv online banking flaw fixed; CEOs most impersonated
An FBI official has denied an accusation echoed by President Donald Trump that Chinese hackers infiltrated Hillary Clinton's private server and accessed classified information.
US prosecutors in Alaska last week filed charges against a Washington man who is allegedly linked to the Satori IoT botnet that infected more than 280,000 IP addresses in 12 hours upon its debut in late 2017.
Revising its privacy policies, encrypted messaging service Telegram this week announced on its website that moving forward it will cooperate with terror investigations.
There were fears about the level of data breaches that would be revealed by GDPR's requirement for organisations to report them - and the initial results show reported breaches have more than doubled.
The Bank of Spain's website hit by a distributed denial-of-service attack on Sunday which disrupted access to the site.
Iranians steal academic resources in bid to counter sanctions; Google shuts Iranian subversion efforts
Iran is identified as responsible for hacking international university resources to circumvent sanctions and access the latest research information, while Google shuts covert Iranian political influence bid.
Facebook bans MyPersonality app, notifies 4 million users affected, follows purging of suspect accounts
After the creators of the myPersonality app refused to be audited, the Facebook banned the app in a purge that saw 400 additional apps suspended; earlier this week 652 'inauthentic' accounts purged
A pair of Necurs botnet-fueled phishing campaigns were found targeting the banking industry this month, using Microsoft Publisher (.pub) file attachments to drop the FlawedAmmyy remote access trojan.
The widely reported hacking attempt on a voter database reported by the US Democratic National Committee (DNC) was a false alarm - white hat hackers were simply simulating a phishing test.
Microsoft has shutdown six websites created by the Russian Fancy Bear cyber-crime gang targeting members of the US Senate and conservative think tanks and potentially intended to launch cyber-attacks.
Vulnerabilities in smart irrigation systems could result in water consumption rocketing, with hackers potentially causing water shortages by taking over connected systems.
In the US the NIST Small Business Cybersecurity Act became law - a year and nearly four months after the measure was introduced - after US President Donald Trump signed the legislation into law last week.
The lawsuit stems from an incident on 7 January 2018 in which an AT&T agent allegedly committed identity theft to gain unauthorised access to Terpin's mobile phone account.
It is reported the US underestimated China's ability to penetrate the communication system used by the CIA to interact with its sources in China, having deployed the system successfully in the Middle East.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense