Security

Target, a popular US discount retail outlet, has confirmed that cyber-thieves have stolen debit and credit card data from 40 million people who've shopped at the store since Thanksgiving. The store is still investigating whether it was the work of ... hackers or an inside job. The information stolen covers 19 of the busiest shopping days of the year. One security expert noted that the potential haul of stolen data covers one in seven of all the credit cards in the United States. (Source: today.com ) Target learned of the attacks when credit card firms reported a dramatic increase in ... (view more)

Microsoft has joined a group determined to ditch the traditional password as a security measure. The group wants to develop alternatives that are more capable of protecting our favorite devices and most sensitive data. The group is called the FIDO ... (Fast IDentity Online) Alliance, which is based around the idea that passwords, although widely used and easy to understand, are an inherently flawed security measure because they can be guessed or stolen. Although many new authentication measures -- such as fingerprint scans -- have emerged and are more secure from a technical perspective, FIDO ... (view more)

Copycats are now using their own version of the CryptoLocker ransomware scam to steal hundreds of dollars from victims. The new malware is called 'Locker' and demands targets pay $150 USD to reclaim lost files. Locker was recently discovered by ... security firm IntelCrawler, which says the new malware is basically the same as CryptoLocker: after an infection takes hold, files are scrambled and only retrieved after a ransom is paid. So far, Locker infections have been reported in the United States, Holland, Germany, Turkey, and Russia. In the US, people in Washington DC, Texas, and Missouri have ... (view more)

Microsoft says it has significantly disrupted, though perhaps not destroyed, a major network of infected computers (also known as a 'botnet'). It's estimated those behind the scheme have generated $2.7 million a month in revenue. The ZeroAccess ... botnet is thought to involve more than two million computers infected with a kind of malware that allows cybercriminals to remotely control these systems. Rather than try to steal personal data from the computers, the operators used this control to run a major advertising scam. In effect, the operators set up websites to sell pay-per-click advertising ... (view more)

A group of security experts have failed in their bid to disable the dreaded CryptoLocker malware . That means the crooks behind CryptoLocker continue to use the ransomware scheme to demand hundreds (or even thousands) of dollars in bitcoins from ... their victims. The security group 'Malware Must Die' attempted to disable CryptoLocker by taking down a list of domains known to be associated with the cybercriminals behind the scam. Malware Must Die reportedly started its offensive last weekend. New reports suggest the campaign was successful in suspending an estimated 138 domains associated with ... (view more)

Russian security firm Kaspersky Lab has released a list of the top security threats facing the world right now. Leading the pack: ransomware like 'CryptoLocker' and cyber espionage, like the work carried out by the United States' National Security ... Agency (NSA). Kaspersky says the past year has seen a number of cyber espionage tools used on the web. Some, like "Red October", "NetTraveler", and "MiniDuke", are sophisticated tools designed to help professional spies and advanced hackers infiltrate government agencies. MiniDuke was used to steal sensitive data from dozens of organizations and ... (view more)

An online posting has exposed more than two million passwords, most of which were stolen from Google and Facebook users. The theft appears to have been made using a malicious keylogger program. The posting, which was made in Russian, was discovered ... by security firm Trustwave Spider Labs. It informed the sites that issued the passwords before publicizing the discovery. It's not yet clear how many of the passwords were still in use when the list was first published, or how many are still in use today. Just over 1.5 million of the details listed on the site were for website logins. The rest were ... (view more)