At least six different men are suspected of being involved in planting hardware keyloggers at a department store with the purpose of stealing credit card information from cash registers.
SQL injection attacks are still common occurrences, especially based on the recent indictments filed against five hackers who were allegedly involved in an international credit card scam. Those involved allegedly siphoned off as many as 160 million credit card numbers, resulting in a $300 million dollar loss over a seven-year period ending in 2012.
The US Emergency Alert System has a serious vulnerability that may allow it to be hijacked by a remote attacker. The problem revolves around systems used to receive and authenticate emergency alert messages, and pertains to specific Linux-powered application servers from Digital Alert Systems.
Hackers broke into Opera Software and made off with at least one digital certificate, which was then used to distribute malware. This was revealed in a new blog post on the company's Security @ Opera blog, which noted that the security breach was discovered on June 19.
Hackers broke into the Twitter account of the Associated Press news service this week, posting a fake message that triggered a stock-market reaction that saw $200 billion briefly erased from United States markets.
Chinese hackers allegedly broke into the New York Times network and made off with the passwords of every employee. This was revealed in a report published by the Times this week. On Thursday, the Wall Street Journal came forward and announced that it had also been hacked. The latter is currently working with authorities and security specialists to clean up its systems.
A hacker claims to have cracked Microsoft's system that prevents unsigned desktop apps from running on its Windows RT tablet platform. Identified only by the name "clrokr" on Twitter, the hacker says he exploited a vulnerability that was in the Windows kernel "for some time," according to a new blog post that outlined the technical details behind the hack.
In the wake of major password leaks from large sites like LinkedIn, the programmer who implemented the md5crypt() function found on FreeBSD and Linux-based operating systems has stepped forward to announce that the function no longer provides security.
Additional details have emerged from the compromise of the Nasdaq network that took place last year. While the investigation is still ongoing, the prognosis is starting to look grimmer than initially
Citigroup (NYSE: C) can't seem to catch a break when it comes to securing its data. About two months after its credit card database was breached this spring, data from its credit card division in