Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
As the Trump administration begins, expect a ramp-up in cyber espionage as well as more "test attacks" by nation-states, says cybersecurity specialist Brad Medairy of the consultancy Booz Allen Hamilton.
With the rise of malware infecting IoT devices, DDoS defenders "have to assume that the attackers have an unlimited supply of machines that they can compromise," says Akamai's Michael Smith. But quarantines, ISP feedback loops and better patch management can bolster defenses.
The Shadow Brokers is offering more Equation Group attack tools for sale, payable in bitcoins. Experts say the dump appears designed to deflect attention from Russia's alleged meddling in this year's U.S. presidential election, but it may have originated from a rogue NSA insider.
The emergence of contactless chip payments on mobile phones is changing the way transactions are authenticated and secured, Jeremy King of the PCI Security Standards Council explains in this audio interview.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
In an audio interview, Steve Durbin, managing director of the Information Security Forum, offers a forecast of the top security threats for the year ahead, including the ramping up of attacks fueled by "crime-as-a-service" offerings.
Cyber espionage and other increasingly sophisticated nation-state cyberattacks will escalate into what amounts to "cyberwar" in 2017, predicts security expert Michael Bruemmer of Experian Data Breach Resolution.
The Internet Archive, a pioneering 20-petabyte digital repository, is raising funds to replicate its data in Canada. The group's founder fears that the election of Donald Trump as the next U.S. president portends an uncertain privacy rights future.
Score one for preparation: In the wake of a ransomware attack that infected 900 workstations, the San Francisco Municipal Transportation Agency says it's restoring affected systems, vowing to not give the attackers a single bitcoin of their ransom demand.
A ransomware attack against San Francisco's Muni public transportation network attack over the busy Thanksgiving holiday - and Black Friday shopping - weekend left more than 2,000 fare-handling systems locked, leading officials to let people ride for free.
Cybercriminals broke into the payment card processing system used by the Madison Square Garden Co., owner of Radio City Music Hall and other iconic entertainment venues, harvesting payment card details for nearly a year.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.