While intercepting traffic from a number of infected machines that showed signs of Remote Admin Tool malware known as HawkEye, we stumbled upon an interesting domain. It was registered to a command and control server (C2) which held stolen keylog data from HawkEye RAT victims, but was also being used as a one-stop-shop for purchasing hacking goods. WhiteHat

Organizations around the world are taking a more innovative approach to managing threats in today’s digital era, reveals the 19th annual Global State of Information Security Survey (GSISS).This year’s study – produced by PwC in conjunction with CIO and CSO – includes the responses of more than 10,000 business and IT security executives from over 130 countrie

Good samaritans and skinflints beware!Plugging in that USB stick you found lying around on the street outside your office could lead to a security breach.This is no secret, of course. We have all (hopefully) been aware of the dangers of inserting an unknown USB device into our computers for some time. Heck, the technique has even made it into the Mr Robot TV

British Airways Executive Club member accounts were hacked, it isn’t a data breach but hackers used credentials available in the underground. The popular security expert Graham Cluley reported that Members of British Airways Executive Club are noticing suspicious activities for their accounts. The Members of British Airw

According to the Breach Level Index, between July and September of this year, an average of 23 data records were lost or stolen every second – close to two million records every day.1 This data loss will continue as attackers become increasingly sophisticated in their attacks. Given this stark reality, we can no longer rely on traditional means of threat det

Pfft! Phishing - so old-school.Well, sorry to say, but it's not yet time to feel smug about being able to successfully spot a phishing scam.In fact, a new study from Google and the University of California, San Diego, finds that there are some phishing sites that are so convincing, they work on an eye-popping 45% of visitors.Granted, those sites are the true

The United States Postal Service on Monday warned workers that their data had been compromised. The breach affects not only letter carriers who walk their delivery routes and those who work in the inspector general's office but also the postmaster general himself. The Washington Post spoke to unnamed officials who said that the attack had actually been disco

It turns out that last week's bust of Silk Road 2.0's kingpin was just a hint at what was coming: namely, a multinational crackdown on dark-market sites hidden away on the Tor network.As Europol and the FBI announced on Friday, the sting, dubbed "Operation Onymous," involved 17 nations that coordinated efforts to take down more than 410 "hidden services" tha

It turns out that last week's bust of Silk Road 2.0's kingpin was just a hint at what was coming: namely, a multinational crackdown on dark-market sites hidden away on the Tor network.As Europol and the FBI announced on Friday, the sting, dubbed "Operation Onymous," involved 17 nations that coordinated efforts to take down more than 410 "hidden services" tha

Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach. The contractor, USIS, which itself found and reported the attack in August, said in a statement that the break-in "has all the markings of a state-sponsored attack."Government officials on Wednesday

In addition to the 56 million credit cards exposed in the recent breach at Home Depot, investigators have now revealed that more than 53 million email addresses were stolen too.The company, which confirmed the breach of its payment data systems in September, said that a joint investigation by its own staff, law enforcement and third-party IT experts had disc

Personal data may well have been snatched out of the US government's top employee background-checking firm in what officials are calling a major security breach. The contractor, USIS, which itself found and reported the attack in August, said in a statement that the break-in "has all the markings of a state-sponsored attack."Government officials on Wednesday

What would it take to pry Snapchat out of the hands of college age users?Heaven knows, given that nothing's worked so far.According to a report from Sumpto, a firm that markets only to those with a .edu glued to their email addresses, the fact that nearly 100,000 private photos and images were stolen from a third-party Snapchat service and posted online have

What would it take to pry Snapchat out of the hands of college age users?Heaven knows, given that nothing's worked so far.According to a report from Sumpto, a firm that markets only to those with a .edu glued to their email addresses, the fact that nearly 100,000 private photos and images were stolen from a third-party Snapchat service and posted online have

Thieves may have nicked email addresses out of CurrentC, according to Merchant Customer Exchange (MCX), the group of merchants behind the mobile payment system that's promising to put up stiff competition against Apple Pay and Google Wallet.MCX on Wednesday night sent out an email about the breach, which it said happened sometime in the preceding 36 hours, a