President Donald Trump has blocked a bid by Singapore's Broadcom to acquire U.S. chipmaker Qualcomm on the grounds that it could impact national security, including the United States' ability to help shape future mobile telephony standards.
To the surprise of many, $120 million allocated by Congress since late 2016 to help the State Department combat foreign governments' U.S.-focused propaganda and disinformation campaigns hasn't been spent. Meanwhile, midterm U.S. elections are fast approaching.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Kaspersky Lab says it has uncovered an elegantly written piece of malware that leverages a Latvian-designed router to launch stealthy attacks. The security firm hints that the malicious code could only have come from a well-resourced attacker, but it stops short of naming one.
With modern agile development practices, such as DevOps, the time for development has been significantly reduced. So security can no longer be just a step in the process; it needs to be a continuous part of the development lifecycle, says CA Technologies' Ayman Sayed.
A zero-day flaw in Adobe Flash, recently patched, has been targeted by a group of attackers that may have ties to North Korea as part of an apparent attempt to hack into Turkish banks, security firm McAfee warns. It notes that there are signs that financial institutions in other countries are also being targeted.
As more data moves to the cloud, and cyberattacks multiply, organizations need to adopt an alternate paradigm of security, says Nikhil V. Bagalkotkar, a virtualization specialist at Citrix, who describes a new approach.
The attorney general of Pennsylvania has filed a lawsuit against Uber for allegedly violating the state's mandatory breach notification law. It's the latest in a long string of legal and regulatory repercussions Uber is facing after waiting more than a year to disclose a serious breach.
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.
Equifax has identified 2.4 million U.S. consumers whose names and snippets of their driver's license numbers were stolen, adding to one of the worst breaches in history, which resulted in personal data for most U.S. adults being exposed.
Leading the latest edition of the ISMG Security Report: President Trump has not authorized the National Security Agency to go after Russian election hackers at the source. Also, 23,000 digital certificates get revoked after their private keys get leaked, and an analysis of deception technologies.
Digital certificate vendor Trustico is sparring with DigiCert, which recently took over Symantec's digital certificate business, over a serious security incident. The private keys for at least 23,000 Trustico digital certificates have been compromised, prompting a scramble to protect affected websites.
Cybersecurity company mergers and acquisitions continue. Among the major deals: The sale of PhishMe to a privacy equity syndicate and Splunk's purchase of Phantom. But these are just the latest in a series of moves so far this year as consolidation continues.
A new strain of the Petya ransomware called "Bad Rabbit" is impacting business and sweeping across Russia and Ukraine, among other Eastern European countries. Like many of the other ransomware outbreaks, understanding fact from fiction is the first step in staying safe.
An analysis of a massive 8.8 GB trove of files containing usernames and plaintext passwords suggests hundreds of services may have experienced unreported or undiscovered data breaches. Data breach expert Troy Hunt says the trove of 80 million records appears to contain fresh data.