Yahoo is investigating a claim that a hacker created the means to access its users’ account data without needing their passwords.
In a filing to the US Securities and Exchange Commission Yahoo said that law enforcement agencies began sharing information they indicated was provided by the hacker who claimed it was account data from their users.
A group of researchers has won a grant to research and develop a modified CPU that can help detect malware and other security anomalies.
The two collaborating teams, at Binghamton University and the University of California-Riverside, believe that a hardware solution is necessary to help mitigate security threats instead of relying entirely on software. The project has been dubbed the “Practical Hardware-Assisted Always-On Malware Detection” and the three-year grant of $275,000 was awarded by the National Science Foundation.
Google released a new monthly batch of security patches for Android, fixing a dozen critical vulnerabilities that could allow attackers to compromise devices. One of the mitigated issues is a bit-flipping attack against memory chips that could lead to privilege escalation, but a more widespread rooting vulnerability in the Linux kernel remains unpatched.
What once was the plot of creative Hollywood blockbuster movies is now becoming a reality. The Internet of things (IoT) continues to grow as consumers, businesses and governments recognize the benefit of connecting devices to the internet, be it smart phones, wearable devices or smart homes. It is estimated that the number of connected devices in use by 2020 will be 30 billion, one in five cars will be connected vehicles in the next five years and by 2025 the IoT is predicted to have a global economic impact of US $11trillion.
As promised, Microsoft has issued a fix for the Windows security flaw that Google disclosed before a patch was ready. The update tackles vulnerabilities in numerous versions of Windows (from Vista through Windows 10) that would let an attacker get control of your system through a malicious app. You're already safe if you use Windows 10 Anniversary Update and an up-to-date browser, we'd add -- this is for people who can't or won't move to a newer operating system.
Fears of hacking the US election have been a recurring theme throughout the election campaign, so as Americans go to the polls we ask, what are the chances of a hack?
As various cyber-security researchers unveil claims of how electronic voting machines could be hacked, we asked, where is the election system vulnerable and what are the likely scenarios for an attack?
Google has added a new classification to its Safe Browsing initiative to better protect users from malicious websites trying to game the system.
Google's Safe Browsing warns users when they are about to visit a website known to violate the web giant's policies on malware, unwanted software, phishing or social engineering. The warning appears until Google verifies that the site in question no longer poses a threat to users. But some sites are only cleaning up their act just long enough to shake the warning, and then returning to their harmful behavior.
A total of £2.5 million was stolen from 9,000 Tesco Bank customers in a sophisticated cyber-attack last weekend, the bank has confirmed.
The bank has also said that all account services have now returned to normal after all online transactions for all of its 136,000 current account holders were frozen following the "online criminal activity" spotted over the weekend.
Google has shut down an operation that combined malicious AdSense advertisements with a zero-day attack exploiting Chrome for Android to force devices to download banking fraud malware.
When you travel between countries, the mobile operators that temporarily provide service to your phone need to communicate with your operator back home. This is done over a global interconnection network where most traffic still uses an ageing protocol, called SS7, that's known to be vulnerable to location tracking, eavesdropping, fraud, denial of service (DoS), SMS interception and other attacks.
