Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.
"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Group-IB's Alexander Tushkanov explains the lessons that can be learned.
Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store harder to steal. But at Black Hat Europe, cryptographer Adi Shamir demonstrated how a laser and drone can be used to bypass air gaps.
Heartbleed, Shellshock, targeted attacks - the security threats to banking institutions are legion. And there are new ways banks can get better at detecting these evolving threats, says Solutionary's Jeremy Nichols.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
Emerging reports now suggest other financial institutions may have been targeted by the same hackers who breached Chase. But how can we be sure? Mark Clancy of the Depository Trust & Clearing Corp. explains why the analysis is challenging.
JPMorgan Chase CEO Jamie Dimon said Oct. 10 that he expects Chase's annual computer security budget to double from $250 million to $500 million over the next five years in the wake of its massive data breach.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Malware-wielding attackers have compromised 800,000 online banking credentials, mainly for customers of the five largest U.S. financial services firms, a new study warns. But they may also be preparing for APT attacks against financial institutions.
Citigroup, E*Trade, Regions Financial, Fidelity Investments, HSBC, Bank of the West and ADP are now believed to have been probed by the same hackers that targeted Chase, according to news reports. But so far, none of those firms believes data was compromised.
Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.