A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year - from ransomware infections alone - has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
Prosecutors recommended that twin brothers Muneeb and Sohaib Akhter serve a six-year and a two-year sentence, respectively, after pleading guilty to hacking-related charges. But one of the men received a much lighter sentence.
The Court of Justice of the European Union has ruled that the EU-U.S. Safe Harbor data sharing agreement is invalid because the United States has failed to safeguard Europeans' privacy rights. Legal experts say the judgment is a direct response to Edward Snowden's revelations.
The DHS's inspector general is reopening an investigation into allegations that dozens of Secret Service agents improperly accessed Rep. Jason Chaffetz' unsuccessful application to be a Secret Service agent that he filed before he was elected to Congress. Chaffetz is running to be House speaker.
Discount brokerage firm Scottrade says hackers accessed its computer network and stole names and street addresses of millions of its clients. The firm says it learned of the intrusion from law enforcement officials.
Credit-rating provider Experian says a hack attack compromised a server storing sensitive personal information on millions of T-Mobile customers, including those requiring credit checks for service or device financing.
A Russian cybercriminal who used the Citadel banking Trojan to infect at least 7,000 PCs has received a 4.5 year jail sentence. Authorities tracked him in part thanks to his posts to a Citadel user group.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
Even if China fails to live up to its promise to stop pilfering corporate trade secrets, as America's spy chief predicts, the U.S. could still benefit diplomatically from the two nations' cybersecurity agreement.
Three years after a wave of DDoS attacks hit banks, two years after the Target breach and one year after the massive JPMorgan Chase breach, Standard & Poor's for the first time has warned that it may downgrade the credit ratings of banks that have poor cybersecurity.
A new GAO report points out persistent cybersecurity weaknesses among the federal government's two dozen largest agencies. It also questions the comprehensiveness of the guidance inspectors general receive for auditing the IT security compliance of agencies.
It's been two years since enforcement of the HIPAA Omnibus Rule's modified breach notification requirements began. But the most significant changes in the federal tally of major health data breaches since then appear to have more to do with a surge in hacker activity than the new requirements under HIPAA Omnibus.
The hotel chain bearing 2016 U.S. presidential candidate Donald Trump's name has confirmed that its point-of-sale systems were malware-infected for more than a year, but it's downplaying the possibility that card data was exfiltrated or used to commit fraud.
The leader of a $24 million identity theft and tax refund fraud ring, which stole data from a military hospital, the Alabama Department of Public Health and others, has been sentenced to serve 15 years in prison. Experts recommend steps organizations can take to prevent such crimes.
The U.S. and China, as part of a cybersecurity agreement, have agreed not to conduct or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantages to companies or commercial sectors.