Written By Shane Schick

PayPal Suggests Biometric Identification Will One Day ‘Kill All Passwords’

A login mechanism you could eat, digital tattoos and vein recognition could be among the biometric identification tools that protect users, PayPal says.

SearchBlox Vulnerabilities Underscore the Importance of Updating Enterprise Search Tools

A set of four SearchBlox vulnerabilities could allow cybercriminals to conduct cross-site scripting attacks and cause other potential problems.

Verizon Report Suggests Data Breach Costs and Mobile Threat Perceptions Inaccurate

Security experts may be overestimating the cost of a data breach and the extent of mobile device threats, according to a report from Verizon.

Annual Threat Report: POS, HTTPS and SCADA Attacks on the Rise

An annual threat report on the biggest IT security issues says CISOs should be concerned about cybercriminals hitting POS, SCADA and HTTPS systems.

Redirect to SMB Vulnerability: 18-Year-Old Flaw Morphs Into Huge Threat to Windows Machines

Researchers say an old SMB vulnerability in Windows can be used to steal login credentials and take over some systems entirely using malicious URLs.

AlienSpy RAT Spreads Internationally, Evades Antivirus Detection

A research advisory says the AlienSpy RAT is deploying the Citadel malware across financial institutions and stealing data in other organizations.

WordPress Plugin Vulnerability Puts an Estimated 1 Million Sites at Risk of XSS Attacks

A WordPress plugin vulnerability related to WP Super Cache could let cybercriminals create back doors, add new administrators or worse, experts say.

CrypVault Ransomware Locks Out PCs, Demands Payment While Stealing Passwords

Researchers say a new strain of ransomware called CrypVault is locking out computer users in a way that resembles antivirus software and demands payment.

BitTorrent Vulnerability Discovered as Sync Service Exits Beta

A research advisory suggests cybercriminals could have exploited a BitTorrent vulnerability to include executable code via URLs in its Sync service.

DDoS Made Deadlier: Multicast DNS Vulnerability Could Affect More Than 100,000 Devices

According to CERT, a miconfiguration in many devices could mean cybercriminals can exploit a multicast DNS vulnerability, making DDoS attacks worse.