Forty targets in 16 countries were attacked using advanced attack tools and techniques that match the capabilities documented via the "Vault 7" stash of alleged CIA network exploitation documents released by WikiLeaks, Symantec says.
A zero-day flaw in Microsoft Office is being targeted via in-the-wild attacks, security firms warn, including by the notorious Dridex botnet. While there is a workaround, Microsoft says it plans to issue a full fix this week as part of its regularly scheduled security updates.
Spanish police arrested Russian computer programmer Pyotr Levashov, apparently while he was vacationing with his family. Authorities say his arrest relates to alleged Kelihos spam botnet and pump-and-dump stock campaigns, not to Russia's alleged interference in the 2016 U.S. presidential election.
Twitter has dropped a federal lawsuit that sought to quash an administrative summons, which the government subsequently withdrew, seeking records for an account that's critical of U.S. policy. It's one of many accounts suspected to have been created by disgruntled government employees.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
Federal regulators are warning healthcare sector organizations about the threat of man-in-the-middle attacks and related risks associated with the use of some Secure Hypertext Transport Protocol, or HTTPS interception products for end-to-end security.
The U.S. regulation that forbid ISPs from selling information about web activity without a customer's permission is gone. But it's still possible to maintain privacy on the Web even if prying eyes are watching.
The security landscape has shifted significantly for financial services organizations. And now they must use digital transformation as the impetus to evolve their cybersecurity strategies, says Bruce Roton of Level 3.
Collaboration between medical device manufacturers and ethical hackers who discover vulnerabilities is getting better, but there's still plenty of room for improvement, says Bill Aerts, the former global privacy and security officer of Medtronic.
More than 60,000 servers running Microsoft's out-of-support IIS 6.0 server software may be vulnerable to a newly revealed zero-day exploit. No patch will be produced, but a workaround can blunt an attack.
As the threat landscape evolves, with risks exposed by newer technologies and commoditization of attack infrastructure, the motives of targeted attackers may also be evolving as they try new ways to influence change in an increasingly digital world.
The FBI recently warned that hackers are targeting FTP servers run by healthcare organizations in order to obtain medical records. New statistics show more than 750,000 FTP servers can be accessed anonymously worldwide.
The FBI is warning healthcare sector entities to step up securing their file transfer protocol servers in the wake of cybercriminals stepping up their attacks. The alert is similar to an earlier FTC related warning from another government agency.