FireEye has issued an emergency security alert - and related patch - to fix a serious flaw discovered by Google researchers. The episode follows FireEye earlier this year being criticized for serving an injunction against other security researchers.
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to share voluntarily threat data with the federal government and with each other.
Global Payments Inc. plans to buy its smaller rival, Heartland Payment Systems Inc., for $4.3 billion. Both payment transaction processors have suffered massive data breaches, and industry observers are weighing in on whether the merged companies will successfully build a strong culture of security.
The FBI has arrested three men on charges that they participated in a hacking and identity theft scheme designed to fuel spam campaigns, including the insider-enabled theft of account details for 24.5 million Comcast customers.
Police in Britain have arrested a 21-year-old man on suspicion of "hacking offenses" related to the breach of Hong Kong toymaker VTech. Separately, the CEO of hacked London telco TalkTalk testified about her organization's security before Parliament.
A security researcher warns he was able to find online "sensitive account details" for 13 million users of MacKeeper. The software was the focus of a recently settled class-action lawsuit - alleging deceptive advertising and false claims.
A district judge has asked Home Depot to disclose communications that were sent to issuers about a deal with MasterCard to settle fraud losses and other expenses suffered by banks and credit unions in the wake of the retailer's 2014 data breach.
Twitter has issued its first-ever alerts to some users that they may have been "targeted by state-sponsored actors." Some cryptographers, software developers and security experts say they have received the alerts.
Two new malware reports - one from security researchers at technology giant Cisco, another from cybersecurity firm FireEye - demonstrate how developers continue to refine malicious code to maximize information-stealing and extortion potential.
A former U.S. State Department employee has pleaded guilty to running a "sextortion" scheme from the U.S. Embassy in London that was designed to compel young women to share sexually explicit photographs, according to the FBI.
A former member of the NullCrew hacking group has pleaded guilty to participating in attacks against several organizations, including Bell Canada, Comcast and the U.K.'s Ministry of Defense, which the gang claimed to have exploited via SQL injection flaws.
Australian police have raided the Sydney home of cryptographer and entrepreneur Craig Wright, who's been named as being the suspected creator of the bitcoin cryptocurrency. Has the real "Satoshi Nakamoto" finally been unmasked?
European Union lawmakers and member states have drafted landmark proposed cybersecurity rules that set minimum levels of security across a number of critical infrastructure sectors, including energy, transportation, health and financial services, and require companies in those sectors to alert authorities to breaches.
Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.
Following the shootings in San Bernardino, Calif., which left 14 people dead, President Obama used an Oval Office address to call on technology firms to help law enforcement agencies better monitor "the flow of extremist ideology."