Ransomware as a business is maturing and nowhere is that better illustrated than in Russia, according to Flashpoint researchers. The security firm released two reports on Thursday, one on a burgeoning ransomware-as-a-service business model (PDF) in Russia and the second on new developments in Russian ransomware kingpins targeting hospitals (PDF). Researchers conclude, the ransomware industry...

Forced to come clean on breaches against the U.S. Federal Reserve, the Fed on Wednesday revealed the agency that drives financial markets around the world has been breached as many as 50 times in the past five years. As part of a Freedom of Information Act request by the Reuters news agency, the public is...

Google on Wednesday updated the Chrome browser for the third time since the start of May. Chrome 51.0.2704.79 for Windows, Mac, and Linux patched 15 vulnerabilities. It also paid out $14,000 in bounties to prolific bug hunters Mariusz Mlynski ($7,500) and Rob Wu ($6,500). The previous Chrome update on May 27 addressed 42 flaws with...

Lenovo has waved the white flag on a vulnerable component of its pre-installed software updater and recommends that users uninstall it from more than 110 notebook and desktop models running Windows 10. The decision to have users yank the Lenovo Accelerator Application comes days after a Duo Labs study on bloatware vulnerabilities exposing machines from...

Remote support software company TeamViewer continues to contest claims this week it was hacked and instead claims that password reuse and careless user actions may have led to some of its customers’ machines being compromised. The German company has been vigilant with its stance since posting a statement on the issue last Monday, but that...

New malware that targets industrial control systems called Irongate was found by researchers who say the discovery should serve as another wakeup call to the security industry to shore up its detection capabilities around ICS and SCADA threats. Irongate, which shares some of the same attributes as the lethal Stuxnet malware, was found by researchers...

Russian law enforcement has made 50 arrests in connection with a five-year operation to steal three billion rubles (just shy of $45 million USD) from the country’s largest bank, Sberbank. The hackers are alleged to have exploited websites, including popular news sites, to infect victims with the Lurk Trojan, a downloader that grabs more malware...

A vulnerability that exists in embedded computers manufactured by Moxa could allow remote authenticated users to overwrite firmware, in turn rendering the devices unusable. Moxa, a Taiwan-based networking company, announced recently that instead of patching the line of products affected by the vulnerability, UC 7408-LX-Plus, it would discontinue the devices. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)...

Civil liberties and privacy groups are petitioning the U.S. government for more time to fight the FBI’s request to exempt itself from lawsuits related to its warehouse of an estimated 100 million biometric records if it’s found in violation of the federal Privacy Act of 1974. At issue is the government’s massive Next Generation Identification...

Yahoo today disclosed the contents of three National Security Letters it has received since 2013, the first time a company has made such a disclosure since the passage of the USA FREEDOM Act. Under the law, the FBI is now required to periodically review whether non-disclosure around National Security Letters remains appropriate. “We believe this...