95% of bank ATMs face end of security support

Nearly all ATMs run on Windows XP, and that'll soon be a problem.

Banks everywhere are in a race against time to upgrade their ATMs before they become hot targets for hackers.

An estimated 95% of American bank ATMs run on Windows XP, and Microsoft is killing off tech support for that operating system on April 8. That means Microsoft(MSFT, Fortune 500) will no longer issue security updates to patch holes in Windows XP, leaving those ATMs exposed to new kinds of cyberattacks.

"This isn't a Y2K thing, where we're expecting the financial system to shut down. But it's fairly serious," said Kurtis Johnson, an ATM expert with U.S. manufacturer Triton.

If banks fail to upgrade their ATMs to a newer version of Windows by April, customers might be at risk. If hackers discover new flaws in Windows XP, those bugs will go unaddressed, leaving attackers free to exploit them.

It can't yet be known what hackers could do with a Windows XP ATM after April 8. But the prospect of providing a potentially compromised machine with your account and PIN information is unsettling.

The 'biggest ever' cyber attack uncovered; 360 mn accounts, 1.25 bn email addresses hacked

A cybersecurity firm said that it uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets, though it is unsure where they came from or what they can be used to access.

The discovery could represent more of a risk to consumers and companies than stolen credit card data because of the chance the sets of user names and passwords could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system.

Alex Holden, chief information security officer of Hold Security LLC, said in an interview that his firm obtained the data over the past three weeks, meaning an unprecedented amount of stolen credentials is available for sale underground.

Criminals are selling some 1.25 billion email addresses, which would be of interest to spammers, Hold Security said in a statement on its website.

"The sheer volume is overwhelming," said Holden, whose firm last year helped uncover a major data breach at Adobe Systems Inc in which tens of millions of records were stolen.

Holden said he believes the 360 million records were obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breaches known to date.

Android KitKat, Jelly Bean under cyber threat; users' data could be compromised

A "critical flaw" has been detected in the virtual private network offered by Android operating systems in the Indian cyberspace leading to "hijack" of personal data of users.

Internet security sleuths have alerted consumers of this web-based service to guard against the spread of this virus which affects computer systems and mobile phones using the Android system.

The suspicious activity has been noticed in two Android versions - 4.3 known as 'Jelly Bean' and the latest version 4.4 called 'KitKat'.

A critical flaw has been reported in Android's VPN implementation, which could allow an attacker to bypass active VPN configuration to redirect secure VPN communications to a third party server.

"A critical flaw has been reported in Android's (virtual private network) VPN implementation, affecting Android version 4.3 and 4.4 which could allow an attacker to bypass active VPN configuration to redirect secure VPN communications to a third party server or disclose or hijack unencrypted