An advanced persistent threat tied to Southeast Asia and the South China Sea is targeting governments and entities around the world including the U.S. The attacks are unique, according to security experts, because the perpetrators are relying nearly 100 percent on computer code copied-and-pasted from sources on the web. Cymmetria Research, which discovered the APT...

Top router firm TP-Link has lost control of two key top level domains accessed by millions of consumers and small businesses each month. The domains, which are used to configure the company’s routers, have expired and been resold to domain name brokers who are actively seeking buyers. Security experts say the domains are at risk...

Think hackers use advanced malware and mysterious tools once they have infiltrated a network? According to security startup LightCyber, most attackers use the same mainstream security tools the good guys use, only for lateral movement, network mapping and remote control of endpoints. Of course, tactics for penetrating the network include tried-and-true techniques such as malware,...

A flaw in chipmaker Qualcomm’s mobile processor, used in 60 percent of Android mobiles, allows attackers to crack full disk encryption on the device. Only 10 percent of Android devices running Qualcomm processors are not vulnerable to this type of attack. Researchers at Duo Labs said the vulnerability is tied to Android’s problem-plagued mediaserver component coupled with...

LizardStresser, a distributed denial of service botnet, has found new life leveraging hundreds of internet-based webcams in attacks against Brazilian-based banks, government agencies as well as a handful of U.S.-based gaming companies. Researchers at the Arbor’s Security Engineering and Response Team (ASERT) say publicly released source code of the LizardStresser botnet in 2015, by the...

A breach at Massachusetts General Hospital has potentially compromised the information of roughly 4,300 dental patients, the hospital warned Wednesday. MGH was quick to point out that the data leaked wasn’t stored or maintained on its systems but those of a third-party vendor that assists the hospital in managing dental patients at several practices, including...

Internet-connected medical devices such as MRI machines, CT scanners and dialysis pumps are increasingly being targeted by hacker seeking to steal patient medical records from hospitals. Attackers consider the devices soft digital targets, seldom guarded with same security as client PCs and servers within hospitals. In a report by security firm TrapX Labs, researchers found...

If you’re one of the millions who rocked out at Hard Rock Hotel and Casino Las Vegas or slurped noodles at a Noodles & Company fast food chain in the past year, it’s time to get paranoid. Both companies announced this week separate breaches that include unauthorized access to credit card data. The Hard Rock...

The transportation industry is increasingly being targeted by cyber criminals who see the sprawling multi-billion dollar industry as ripe for financially motivated attacks. According to IBM’s X-Force security team, the systems behind planes, trains and automobiles have now become bigger paydays for hackers than industries such as the retail sector – once a favorite of...

Researchers have identified a recent wave of malware targeting the Google Play app marketplace that entices users to download utilities and games that when installed surreptitiously root devices. The exploit, which mobile security firm Lookout calls autorooting malware, gives attackers complete control of the infected device. It was discovered by researchers in an app called LevelDropper....