Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
Regulators, attorneys general and lawmakers in the U.S., U.K. and Canada are attempting to unravel the events that led to the personal information of as many as 60 million Facebook users leaking to a London-based voter-profiling firm.
Expedia's Orbitz travel fare search engine says it may have suffered a breach that resulted in 880,000 payment cards being compromised, along with other customer data, over a two-year period. Orbitz says the apparent breach involved a legacy system no longer connected to its site.
Facebook may be facing the fight of its life. The social media company is seeing mounting pressure and a collective outcry over personal data for millions of its users having been collected by a voter-profiling firm once retained by the Trump campaign.
A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
Facebook is under fire after reports suggested data-mining firm Cambridge Analytica obtained private information on 50 million Facebook users. The social network contends that it didn't suffer a "breach," saying the information was legally obtained but subsequently misused.
To help identify and mitigate the next generation of Spectre and Meltdown speculative execution flaws in CPUs, Microsoft and Intel are offering researchers up to $250,000 if they share their discoveries as part of a coordinated vulnerability disclosure program.
The FBI has arrested the CEO of the Canadian smartphone service Phantom Secure on charges that he and four other suspects ran an encrypted telecommunications service used by more than 20,000 customers to facilitate illegal activities, including international shipments of cocaine and other drugs.
Equifax has a new problem in Australia, a country that was left unscathed by the credit bureau's devastating data breach. The Australian Competition and Consumer Commission alleges the credit bureau deceived vulnerable consumers by misrepresenting its products and charging for services that should have been free.
President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
HHS continues to improve its information security program, but it needs to take steps to address a number of ongoing weaknesses, according to a new watchdog agency report. What are those glaring weaknesses, which are also, unfortunately, common at many healthcare organizations?
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A set of vulnerabilities in AMD chipsets that gives attackers enduring persistence on machines appears to be legitimate. But experts are questioning the motivations of the Israeli security company that found the flaws, contending it ambushed AMD to maximize attention.