The back story behind the ransom attack that led to the unauthorized early release of the Netflix series "Orange Is the New Black" is a cautionary tale in dealing with cyber extortionists such as The Dark Overlord.
Former FBI Director James Comey trickled out new details during a Senate Intelligence Committee hearing about what the FBI knew and when regarding Russia's alleged cyber intrusions. We've rounded up the details.
A cyber-espionage campaign apparently linked to Russia has targeted more than 200 people in 39 countries and leaked victims' stolen information - sometimes in altered form - as part of a disinformation campaign, according to privacy researchers at Citizen Lab.
Three Nigerian nationals who were convicted of a range of charges - including identity theft and payment card fraud - have been sentenced in the U.S. to serve up to 115 years in jail. Prosecutors says they were part of a "large-scale international fraud network" and involved in so-called "romance scams."
In a rare acknowledgment of a data breach by an Indian company, online restaurant guide and food ordering service Zomata says 17 million users' email addresses and hashed passwords were stolen from its database. The company was hacked by a white-hat hacker back in 2015.
Hackers have reportedly exploited the SS7 mobile telecommunications signaling protocol to drain money from online bank accounts used by O2 mobile phone subscribers. Despite rising security worries relating to SS7, many telcos have yet to explore related fixes.
Score another one for social engineering: A phishing campaign used a bogus "Google Docs" app to trick people into surrendering full access to their Google accounts and contacts. Before Google squashed the campaign, up to 1 million of its users may have fallen victim.
The purported hacking of computers of French presidential candidate Emmanuel Macron, by the same Russian group that targeted Hillary Clinton's campaign, signifies an expansion of the goals of the attackers that extend beyond trying to influence the outcome of Western elections.
President Donald Trump last week failed to meet a self-imposed, 90-day deadline to issue a report on "hacking defenses." But let's not nit-pick. After all, cybersecurity is complex - something the president is likely discovering along with healthcare and tax reform.
Free advice for breached businesses: Once you admit that you've suffered a data breach or that you're investigating a security incident, disseminate that message far and wide so no one can accuse you of trying to cover it up. That's the lesson from an incident at BlowOut Cards, a sports card trading site.
The Department of Health and Human Services has issued a warning for consumers to be on alert for fraudsters pretending to be calling from a HHS' Office of Inspector General hotline with requests for personal information.
Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been using leaked Hacking Team spyware to infect targets, says security firm F-Secure.
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.