Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.

Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.

A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.

Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.

Half of consumers who originally planned to return to their pre-pandemic in-store shopping routines once coronavirus is under control now plan to stick with online shopping. That shift in preferences means that e-commerce merchants must keep up with trending ways to market, sell, and prevent fraud. Let's look at a few of the most important developments and see where they're going.

The most vulnerable cybercrime victims are young adults and adults over 75, according to the latest research revealed in the LexisNexis Risk Solutions biannual Cybercrime Report. The report reveals how unprecedented global change in 2020 created new opportunities for cybercriminals around the world, particularly as they targeted new users of online channels.

Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.

Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.

Online shoppers beware: a fast-selling marketplace of fake reviews is trying to lure you into buying products on major digital store sites and social media outlets. This latest review scam involves an under-wrap false review network operating among Amazon sellers. Trading in phony reviews may or not be legal, but such practices are clearly unethical and will have repercussions if discovered, warns Amazon.

Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.

A cyber intruder broke into the computer network of the water treatment system of Oldsmar, Fla. and attempted to poison it with lye. News of the attack was made public Monday by officials of Oldsmar, who revealed the attack was foiled by an operator at the facility within minutes of its launch. The Oldsmar plant provides water to businesses and about 15,000 residents.

Cyberattacks are increasing in frequency, ramping up the data privacy threats they pose to government agencies and businesses alike. Governments both domestic and foreign need to step up efforts to pass legislation that bolsters technological defenses this year, warn privacy groups. Stiffer privacy laws are gradually being reviewed and signed into the U.S. market. But that process is mostly taking place at the state level.

Huawei has events where it pulls together key analysts to focus on problems it thinks are critical to the future. At its last event, Huawei spoke about two areas that need considerable work. Let's talk this week about the need for centralized cyberlaw enforcement, and the need for a clear vision on the future of work. We'll close with the product of the week, a new 40" curved monitor from Dell.

Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."

During any holiday season, consumers have a tough time wrestling with each other for best-selling products, but now times have become even tougher, thanks to the proliferation of online "scalper" bots. These robot shoppers, unleashed by cybercriminals, emulate the activity of ticket scalpers in the real world.

It should be prime time for shopping, but the pandemic has forced many consumers to tighten their purse strings. To help consumers -- and give e-tailers a heads up about better security -- the E-Commerce Times discussed holiday shopping issues with a panel of cybersecurity experts. They offered advice on how consumers can avoid buying counterfeit products; and analyses of how fake goods affect the broader retail market.

There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.

An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.

Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.

Google has taken a step toward controlling spam voice calls on Android devices with a new addition to its phone app. The "Verified Calls" feature will display a caller's name, logo, reason for calling and a verification symbol indicating a business has been verified by Google. The service will initially roll out in the United States, Mexico, Brazil, Spain and India, with more countries to follow.

Data breaches were rampant in 2019, occurring at an unprecedented pace. However, the first half of this year has seen a reduction in the number of reported events. Reported being the operative word. In all, more than 15 billion records were exposed in nearly 7,100 data breaches last year. This year however, the number of publicly reported data breaches has decreased.

Software piracy involves much more than businesses and consumers using illegal copies of computer programs. What lurks within the pirated copies is often rogue code -- malware -- that can be just as deadly to computers and users' finances. Software companies are reporting that piracy has increased 20 to 30 percent due to COVID-19.

Online bandits are decreasing their schemes against businesses but increasing COVID-19 scams aimed at consumers, according to a report released Tuesday by TransUnion. Suspected fraudulent digital transactions against businesses worldwide dropped nine percent from the lockdown phase of the pandemic to the reopening phase.

After crashing in 2019, Dark Web markets for stolen credentials rebounded during the first half of 2020, largely due to major shifts in consumer behavior caused by the global pandemic. Hacked accounts for delivery services and physical fitness brands are some of the highest priced items on the market, according to a recent report.

Despite the struggles the pandemic imposes on the economy, consumer activity gives both retailers and e-tailers hope for continued growth as the recovery persists. Though fraud continues to escalate as criminals take advantage of card-not-present payment methods, including buy online pick-up in store (BOPIS), or click-and-collect.

The move by retailers to online and mobile selling to survive the pandemic has resulted in a significant increase in digital fraud activity. The "2020 True Cost of Fraud Study: E-commerce/Retail Edition" by LexisNexis Risk Solutions found this to be partly because some fraud control systems are outdated, and partly because of increased transaction volume.

If you are a Windows or Linux user, brace yourself for a long siege of vulnerability nightmares. The fix will be long and treacherous and could brick your computers. Eclypsium researchers have detailed a set of newly discovered vulnerabilities dubbed "BootHole" that opens up billions of Windows and Linux devices to attacks.

If you conducted e-commerce transactions since the pandemic struck, you have probably been the target, or even a victim, of online fraud. A report from Sift titled "Q2 2020 Digital Trust & Safety Index" details a 109 percent increase in content abuse and growth of the fraud economy from January through May 2020.

Twitter had a data security problem last week that might sound trivial. Email addresses, phone numbers, and the last four digits of the credit cards used to buy ads on Twitter were left in browser cache after the transaction, and that cache was not secured. This may seem trivial, but the consequences could be far more significant than you might think. Let's explore how.

A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.