A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Filter" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.
At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has sinkholed the control domain for the router botnet, which should help contain the potential damage.
The whole way we look at identity across the extended enterprise is in the midst of change, says Naresh Persaud of CA Technologies. What is dynamic authentication, and how does it herald the future of digital identity?
The American Civil Liberties Union has launched a broadside against Amazon, warning that Amazon Rekognition - mixing big data, machine learning and facial recognition - could be abused by authoritarian regimes. Amazon has countered by saying that all users must "comply with the law."
Following 33 arrests, police in Europe say they have dismantled a Romanian-led crime gang that used phishing attacks, online scams and fake invoices to steal more than $9 million from victims in Spain, including individuals as well as organizations ranging from hospitals to government agencies.
Universities throughout Florida are adding more cybersecurity courses in an effort to better train the next generation of practitioners, says Ernie Ferraresso of the Florida Center for Cybersecurity, which recently provided a second round of funding for the effort.
European Parliamentarians finally had their opportunity on Tuesday to ask Facebook CEO Mark Zuckerberg questions about its data handling and privacy practices. But the session, which lasted roughly 90 minutes, turned into a somewhat frustrating flop.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.
With enforcement of the EU's GDPR set to begin on May 25, Australian organizations vary in readiness. Steve Ingram of PwC says it's not too late for companies to prepare for GDPR, but it will be too late to ask regulators for forgiveness if something goes wrong.
John Gammell of New Mexico has been sentenced to serve 15 years in prison for launching DDoS attacks against prior employers and business competitors, as well as for being a convicted felon in possession of firearms.
Patching a content management system has never been a straightforward affair, and the carnage from back-to-back critical vulnerabilities in the Drupal CMS continues to play out. Unpatched, hacked Drupal sites are delivering virtual currency miners, and in some cases malware.
Following the disclosure of a flaw in the website of LocationSmart that could have been easily exploited to track the location of cellular phone users throughout the U.S. in real time, the Federal Communications Commission has referred the matter to its enforcement bureau for investigation.
The EU's General Data Protection Regulation, which will be enforced beginning May 25, has significant implications for how financial institutions worldwide handle customer data, says Brett King, CEO of Moven, an all-digital bank, who sizes up the challenges.