In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
The developers of the Backoff point-of-sale malware that's infected more than 1,000 U.S. businesses have continued to refine their attack code, including encrypting communications and making the malware tougher to spot or eradicate, researchers say.
Apple iOS and Mac OS X devices are susceptible to WireLurker, a previously unseen malware family that spreads via a third-party Chinese app store, and which can infect even non-jailbroken iOS devices, Palo Alto Networks warns.
The Dutch government this week upheld a 2012 U.S. extradition request for Vladimir Drinkman, who's accused of masterminding the "Shadowcrew" team that hacked Nasdaq, 7-Eleven and others, stealing 160 million cards and causing $300 million in damages.
A foreign currency flaw in Visa's EMV-based contactless payment card system in the U.K. could be abused to commit fraud using NFC-enabled Android devices, researchers say. But Visa discounts the possibility of real-world attacks succeeding.
FBI and Department of Homeland Security agents have arrested two men on charges that they stole $5.8 million using reloadable debit cards, which they funded by tricking to threatening victims into adding funds to a money-sending service.
Automated attacks have potentially compromised the majority of websites that run the Drupal content management system, giving attackers platforms for launching malware, DDoS attacks and spam, according to the Drupal security team.
A new scheme recently identified by a credit union in the Northwest demonstrates that fraudsters are increasingly changing their tactics to exploit call centers. Learn about how this scheme worked and what can be done to thwart it.
The developer of CurrentC, a mobile wallet application, has confirmed a breach at its e-mail provider, which has resulted in the compromise of e-mail addresses for those participating in a pilot program or who requested information about it.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.