Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
As effective as ransomware has proven to be in attacks against so many organizations across regions and sectors, certain characteristics actually can help defenders gain an edge in detecting malware. Lastline's Engin Kirda explains how.
If Yahoo's 2014 breach had been the result of an in-house Russian intelligence project, the hack probably would not have triggered a U.S. indictment. But Russia has landed in a muddy puddle after apparently tapping freelance talent with an interest in criminal gain.
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
FireEye's Mandiant investigative unit is seeing a revival in tried-and-true hacking techniques, ranging from social engineering to the snatching of OAuth tokens. Why are these old techniques still working?
Canadian authorities narrowly escaped a data breach by stopping an intrusion at the country's statistics agency. The cyberattack used a zero-day vulnerability in Apache Struts 2, which has now been patched.
The latest ISMG Security Report leads with a profile of Rob Joyce, the National Security Agency operative who is reportedly under consideration to be President Donald Trump's top cybersecurity adviser. Also, cybercriminal ties with Russian intelligence and the lifespan of zero-day vulnerabilities.
The rapid evolution of malware and proliferation of solutions have created a state of chaos for security leaders, says Naveen Palavalli of Symantec. What strategy and solutions will help restore order to anti-malware defense?
FBI Director James Comey worries about data corruption, and he's focused on hackers altering data. But if government leaders feed false information into computer systems, what should IT and IT security practitioners do to protect data integrity?
Little is known about Evgeniy M. Bogachev, the alleged hacker and Gameover Zeus botnet mastermind. There are clues, however, that he's been helping Russian intelligence agencies, according to a new report. If true, that wouldn't be a surprise.
WikiLeaks says it leaked the "Vault 7" CIA hacking arsenal in part to stoke a debate on cyber-weapon proliferation. Here's how information security experts are reacting to WikiLeaks' claims and potential agenda, as well as the dump and information vulnerability-exploit information it contains.
A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
Apache Struts 2 users are being warned to upgrade immediately, after attackers began targeting a zero-day flaw in the widely used, open source Java EE platform. Some attacks deactivate firewalls on vulnerable Linux systems and install DDoS or BillGates malware, amongst other malicious code.
Confide, an encrypted messaging application, received a surge of attention after White House officials began using it for leaks. But a teardown of the app by two security firms revealed a raft of serious security issues.
A new release from WikiLeaks - of what's alleged to be classified material from the CIA - has seemingly exposed some of the agency's most sensitive hacking projects and malware capabilities. Technology experts are scrambling to assess the impact, as well as WikiLeaks' claims.