Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
Because of the U.S. migration to EMV, 2016 is expected to be a watershed year for mobile payment adoption, says Randy Vanderhoof of the EMV Migration Forum. Now, he says, the industry should be more focused on new applications hitting the market than on the number of adopters.
Extortion campaigns waged by cybercriminals are expected to become more damaging in 2016, putting additional pressure on CISOs to enhance protection of internal networks and educate employees about extortionists' techniques, says iSight Partner's John Miller.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
A new report from security firm FireEye that says the mobile banking Trojan dubbed SlemBunk is rapidly becoming more sophisticated illustrates why mitigating mobile malware risks must be an urgent priority for banks this year.
Cryptocurrency exchange Cryptsy has revealed that it suffered a 2014 hack attack that now leaves it insolvent. The exchange is appealing to its attacker to return the stolen bitcoins, worth $5 million today - no questions asked.
The FBI is investigating the point-of-sale malware breach at hotel chain Hyatt, which says related infections stretched for four months and affected 250 hotels worldwide. But Hyatt has yet to reveal how many customers or payment cards were compromised - or how attackers got in.
Tracing bitcoin transactions, some security experts suspect multiple gangs have each amassed more than $1 billion, making them the equivalent of "unicorns" - a term venture capitalists apply to extremely successful startup firms. In case there was any doubt, cybercrime really does pay.
The discovery of a serious remote code execution flaw in Trend Micro's consumer security software - now patched - is a reminder that even security software has code-level flaws. But shouldn't security vendors be held to a higher standard than others?
European police have arrested a "main target" as part of a previously undisclosed law enforcement effort, dubbed Operation Pleiades, against the distributed denial-of-service attack gang called DD4BC, or "DDoS for Bitcoin."
The takedown of an Eastern European gang believed to have been responsible for a string of ATM jackpotting attacks serves as a reminder of why ATMs running outdated operating systems and universal access keys pose significant worldwide security risks.
While DDoS attacks were once deemed primarily a nuisance, experts now say they're becoming a routine strategy cybercriminals use as part of a campaign to commit fraud or extortion. What are the four key attack trends to watch out for in 2016?