Robert Lemos

New details have emerged in the massive compromise of retail giant Target’s systems that resulted in the leak of tens of millions of credit- and debit-card accounts. When Target acknowledged a breach of its systems on Dec. 19, the company released few details of the malware and tactics used in the attack. Over the last […]

The stereotype may be that online attackers hide their operations on servers away from the mainstream Internet. But many attackers—like prudent business people—host their operations close to their targets and on well-known Web services, according to two studies published this week. In its fourth-quarter 2013 Threat Intelligence Report released on Jan. 15, security services firm […]

The U.S. Department of Health and Human Services (DHHS) hopes to give the health care industry some experience in warding off cyber-attacks by staging two joint exercises this year. The war games, dubbed CyberRX, will give health care providers, health plans, hospitals, drug manufacturers and government agencies practice in detecting and responding to attacks. The […]

Security professionals are focusing on the tools that attackers use to steal the credit card data and account information from point-of-sale (POS) terminals and computerized cash registers as the likely source of massive breaches at retailers Target and Neiman Marcus. The most probable suspect is software known as a random access memory, or RAM, scraper, […]

Last year’s revelations about the extent to which the U.S. National Security Agency eavesdropped and collected data on other nations, foreign nationals and American citizens continues to cause problems for U.S. companies. This week, the United Arab Emirates reportedly refused to accept two intelligence satellites from France because they allegedly contained U.S. parts that would […]

An underground programmer’s initiative to build better ransomware has some security professionals worried that the software’s popularity among cyber-criminals will continue to rise in 2014. In December, a programmer, using the handle “gyx,” posted on Pastebin a description of a malicious software project designed to encrypt and hold hostage the data on a victim’s PC. […]

A new variant of the file-encrypting ransomware known as CryptoLocker has begun spreading using a dangerous new feature: self propagation through USB drives, according to multiple security firms. Antivirus firms Trend Micro and ESET both found evidence of the new version of CryptoLocker spreading on the Internet. The malicious software is somewhat different than the […]

A key tool in hunting down and fixing application bugs has reportedly been used by the National Security Agency as a way to remotely find vulnerable software within companies and organizations targeted by the U.S. spy agency. The tool, known as Dr. Watson and developed by Microsoft, records information about the state of a Windows […]

Cyber-attackers and security researchers focused on finding and attacking vulnerable devices on the broader Internet of things in 2013, a trend that will only accelerate in the coming year, according to security experts. The rapid adoption of network-connected devices by consumers and businesses will make the so-called Internet of things more attractive to vulnerability finders […]

The technically savvy CryptoLocker ransomware compromised at least 200,000 computers and netted the criminals behind the scheme a minimum of $380,000—but more likely millions—in its first 100 days, according to an analysis conducted by managed-security firm Dell Secureworks. CryptoLocker encrypts more than 70 different types of files on systems—including Microsoft Word and Excel, Adobe Illustrator […]