Yahoo in 2014 spotted that an attacker - later revealed to have compromised 500 million accounts - was inside its network, according to a new SEC filing. With Yahoo's $4.8 billion sale to Verizon still pending, the admission adds to the search giant's complications.
President-elect Donald Trump will review the nation's cyber vulnerabilities at the start of his presidency, just like Barrack Obama did. But Trump hasn't demonstrated the deep understanding of cyber that Obama did when he took office nearly eight years ago.
As if the internet of things didn't seem secure enough, now we have to worry about apps on our smartphones posing a risk too. At Black Hat Europe, researchers from Invincea Labs demonstrated zero-day flaws in Belkin's WeMo home-automation device firmware as well the WeMo Android app, which have been patched.
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
The malware-infected IoT army that disrupted domain name server provider Dyn was composed of, at most, 100,000 devices, the company estimates in an after-action report. But claims that the attacks peaked at 1.2 Tbps remain unconfirmed.
Chinese manufacturer Xiongmai will recall up to 10,000 webcams in the wake of the IoT-powered DDoS attacks that pummeled DNS provider Dyn. But information security experts say that only a more resilient internet will blunt future attacks.
For more than a decade, Christy Wyatt was immersed in mobile security - most recently as CEO of Good Technology. Now she has re-emerged as CEO of Dtex Systems. What new challenges does this role pose to the veteran security and technology leader?
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
When it comes to describing the top fraud threats to UK financial institutions, it's all about compromised identities and credentials, says John Marsden of Equifax. How can organisations prove their customers are who they say they are?
Russian hackers may think twice before traveling outside the country for a vacation in light of the arrest of alleged 2012 LinkedIn hacker "Yevgeniy N." by Czech police at a restaurant in Prague earlier this month.