Whole Foods says it has 'resolved' point-of-sale breach incident

Whole Foods says it has resolved a data breach that it reported last month, in which the company detected unauthorized access to credit card information in some point-of-sale systems.

technology news

Check Point warns of 'vast' new IoT botnet

by Shaun Waterman • 10 hours ago

Check Point Technologies sees a botnet coming that could cause more damage than Mirai.

Booz Allen Hamilton seeks to boost commercial cybersecurity service with new acquisition of startup

by Zaid Shoorbajee • 11 hours ago

Management consulting firm Booz Allen Hamilton is acquiring Morphick, a small, Cincinnati based cybersecurity company that developed a digital platform for threat detection, breach investigation and response.

Senator questions DHS's handling of Kaspersky software ban in federal agencies

by Chris Bing • 1 day ago

A senior U.S. official pushed back against Sen. Claire McCaskill's criticism concerning the 90-day timeframe provided by the Department of Homeland Security for federal agencies to uninstall Kaspersky Lab products.

What is a 'cyber moonshot,' anyway?

by Shaun Waterman • 2 days ago

"It's a good paradigm" for cybersecurity, said Gus Hunt, "because, like the original moonshot, it's hard. Really hard."

FBI's recruitment strategy for cybersecurity pros starts early, focuses on high school

by Chris Bing • 2 days ago

"What we want to do is get to these kids in high school, get them into STEM programs and then we want to get them into colleges and universities that sponsor Scholarship for Service," a top bureau official said at CyberTalks.

Researchers say hackers responsible for 2013 Microsoft, Facebook breaches have disappeared

by Chris Bing • 3 days ago

The group has become virtually untraceable since September 2015.

Google releases new email, browser security features to prevent common hacking issues

by Zaid Shoorbajee • 3 days ago

Google has rolled out new security features for users of Gmail and Drive, as well as its Chrome web browser. For Gmail and Drive users, Google is offering an opt-in feature called the Advanced Protection Program, aimed at those who are more prone to online threats because of the nature of their work. The company announced the program in a blog post on Tuesday.

Financial institutions launch their own cyber range to train defenders, test tools

by Shaun Waterman • 3 days ago

Banks, insurance companies and other financial institutions are banding together to design and build a series of computer environments where defenders can exercise, train and test tools to defend their real computer networks.

Chinese-linked trojan found in breach of Western aerospace firm

by Patrick Howell O'Neill • 4 days ago

"It is highly likely that this tool will continue to be uncovered as part of targeted attacks for some time."

Fin7 weaponization of DDE is just their latest slick move, say researchers

by Shaun Waterman • 4 days ago

High end cybercrime group FIN7 stays one step ahead of defenders by changing their lures within a couple days of being identified.

Middle Eastern hacking group is using FinFisher malware to conduct international espionage

by Chris Bing • 4 days ago

The discovery by Kaspersky Lab marks at least the fifth zero-day exploit used by the so-called BlackOasis group and exposed by security researchers since June 2015.

Severe weakness in Wi-Fi security gives hackers wide access to eavesdrop

by Patrick Howell O'Neill • 5 days ago

"This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on."

White House cybersecurity coordinator takes on additional role in Trump administration

by Chris Bing • 1 week ago

CyberScoop has learned that Rob Joyce will take on a new position starting Monday as President Donald Trump's acting deputy homeland security adviser.

Former U.S. spies say anti-virus software makes for a perfect espionage platform

by Chris Bing • 1 week ago

Popular anti-virus software companies are a prime target for intelligence agencies because most store large quantities of intuitive data on external servers and have direct, continuous access into their clients' networks, former U.S. intelligence officials and cybersecurity experts say.

Researchers say this attack is a bad bug. Microsoft says it's a feature.

by Shaun Waterman • 1 week ago

Dynamic Data Exchange,like mac ros, can be abused by hackers to help them take over a targeted computer. But it's not a vulnerability and there's no fix, says Microsoft.

Germany contradicts U.S. suspicions about Russian cybersecurity firm Kaspersky

by Zaid Shoorbajee • 1 week ago

BSI said it doesn't warn against using Kaspersky products because it has no evidence of wrongdoing by the Russian company or weaknesses in its software.

Kaspersky's North American operations undergoes shuffle; head of PR leaves company

by Patrick Howell O'Neill • 1 week ago

“After 20 years in business, we’ve learned that executive departures are a routine part of operations," Kaspersky told CyberScoop.

Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies

by Chris Bing • 1 week ago

The technical findings connect a known advanced persistent threat group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC's domain.

Attivo Networks raises $21 million Series C funding on strength of 'deception' cybersecurity

by Patrick Howell O'Neill • 1 week ago

“Deception puts attackers on the defensive making them work harder and increasing their costs."

U.S. voting machines are easily hackable, DEF CON report says

by Zaid Shoorbajee • 1 week ago

A number of voting machines used in U.S. elections are easily hackable, a report from DEF CON, one of the world’s largest hacker conventions, found.

Continue to CyberScoop.com