SecurityWeek

The U.S. Internal Revenue Service (IRS) announced last week that it relaunched its Get Transcript online service after making some security improvements to its authentication process.

Researchers have recently noted a large scale switch from the Angler exploit kit (EK) to the Neutrino exploit kit. Last Wednesday SANS ISC noted that CryptXXX ransomware was now being delivered by the Neutrino EK. "Until then, I'd only seen Angler EK distribute CryptXXX," reported Brad Duncan.

North Korean hackers managed to steal thousands of records from private firms and state agencies in the South including defense industry information and files from Korean Air, Seoul police said Monday.

Netgear released firmware updates last week for its D3600 and D6000 Wi-Fi modem routers to address a couple of serious vulnerabilities reported to the company in December 2015.

Researchers are fairly confident that the Palestinian terrorist organization Hamas is behind the cyber espionage group known as Gaza Hackers Team, Gaza Cybergang and Molerats.

Symantec Expands IoT Security Portfolio to Connected Cars

The leaked source code of the Carberp Trojan has spawned numerous malware variations, and a new one has emerged showing increased sophistication.

In an effort to help secure open source software, Mozilla this week announced the creation of Secure Open Source (“SOS”) Fund, which kicks off with an initial $500,000 grant.

Two Israeli citizens, arrested in Israel in July 2015 and extradited to the US this week pleaded guilty Thursday to orchestrating a computer hacking and fraud scheme that included, but was not limited to, the theft of personal information on 83 million customers from

Siemens has released firmware and software updates to address a couple of vulnerabilities affecting some of the company’s SIMATIC industrial automation products.

$2.3 billion stolen from 17,642 victims in at least 79 countries. These are the current figures for the growing scourge known as business email compromise (BEC) from 2013 to 2015.

Malicious email campaigns spreading the Dridex banking Trojan and the Locky ransomware have been inactive for over a week after the Necurs botnet that fueled them experienced an outage, Proofpoint researchers reveal.

Singapore's prime Minister Lee Hsien Loong has defended the country's controversial decision to cut off civil servants' work computers from the Internet, calling the move "absolutely necessary" to keep information systems secure.

VMware has released updates for some of its products to address several vulnerabilities, including an information disclosure issue rated critical.

Fast food restaurant chain Wendy’s informed customers on Thursday that the number of locations where cybercriminals compromised point-of-sale (PoS) systems is much higher than initially estimated.

Last month, information associated with more than 100 million LinkedIn accounts has emerged online, and malicious campaigns that abuse this user data have started to appear.

Trihedral Engineering, a Canada-based company that specializes in developing software for SCADA systems, has patched several remotely exploitable vulnerabilities in its VTScada product.

A serious Chrome vulnerability patched recently by Google allowed hackers to execute arbitrary code on a system by using malicious PDF documents.The vulnerability, discovered by Aleksandar Nikolic of Cisco Talos, is a heap buffer overflow (CVE-2016-1681) affecting PDFium, the default PDF reader in the Chrome web browser.

A vulnerability affecting routers and switches from Cisco and Juniper Networks can be exploited by remote attackers to cause the devices to enter a denial-of-service (DoS) condition.