A new dump from WikiLeaks has revealed an apparent CIA project - code named "CherryBlossom" - that since 2007 has used customized, Linux-based firmware covertly installed on business and home routers to monitor internet traffic and exploit targets' devices.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Despite the efficiencies of cloud services, security remains a significant barrier of entry for many organizations. Mark Urban of Symantec offers advice to help security leaders navigate past cloud complexity and chaos.
Microsoft fears that nation-state actors may unleash viral code that could devastate users. On Tuesday, it released software fixes again for its older operating systems in hopes of averting a repeat of last month's infection of tens of thousands of computers with ransomware.
Two security firms have investigated what they describe as a malware platform for attacking the industrial control systems that run electricity plants. They warn that the platform was the likely culprit behind the December blackouts in Ukraine.
New details have emerged relating to the 2015 hack attack against French broadcaster TV5Monde, which resulted in multiple television channels going dark as well as social media channels run by the broadcaster being hijacked and used to spew purported jihadist propaganda.
Former FBI Director James Comey trickled out new details during a Senate Intelligence Committee hearing about what the FBI knew and when regarding Russia's alleged cyber intrusions. We've rounded up the details.
Russian anti-virus vendor Kaspersky Lab has filed two antitrust complaints against Microsoft in Europe, contending that the company has engineered Windows 10 to favor its preinstalled malware-fighting program, Windows Defender.
A discussion analyzing the difficulty of striking a balance between IT functionality and cybersecurity leads the latest edition of the ISMG Security Report. Also featured: Updates on sizing up weaknesses in biometrics and the potential to exploit LED lights to leak sensitive data from routers.
The annual Infosecurity Europe conference returns to London this week, offering discussions of the latest information security practices, procedures and technologies as well as deep-dives into privacy, cybercrime, policing, surveillance, GDPR and more.
A number of media reports have recently suggested there's a "link" between WannaCry and the Lazarus hacking group, implying that North Korea authorized the ransomware campaign. But based on the evidence available so far, it's much too early to attribute the attacks to anyone.
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.