A security flaw in WPA2, the security protocol for most modern WiFi systems, could allow an attacker to steal sensitive data including emails, credit card numbers and passwords, Researchers at Belgian university KU Leuven reported Monday. Depending on the network configuration, the flaw also could allow an attacker to inject or manipulate information in the system.

Nearly 60 percent of small businesses have been the victims of a cyberattack over the past year, but the vast majority didn't realize that they had been attacked, according to Nationwide's third annual survey of 1,069 businesses with fewer than 299 employees. Initially, only 13 percent of the participating companies said they had been victims of a cyberattack.

Russian hackers reportedly exploited a vulnerability in Kaspersky Lab's software to steal sensitive cyberdefense data from a National Security Agency contractor. The incident, which occurred in 2015, involved a contractor who loaded classified information onto his personal computer in order to work at home. The information included hacking tools and other sensitive NSA data.

RoboCyberWall has launched its proprietary precision firewall solution bearing the same name. RoboCyberWall is designed to protect HTTP and HTTPS ports on Linux-based Apache2 and NGINX Web servers. The patent-pending firewall blocks all known exploits and zero-day attacks on Apache2 and NGINX Web servers, according to the developer. The Linux server firewall solution targets small and mid-sized business users.

Malicious code has been discovered in two versions of Piniform's CCleaner housekeeping utility, the company disclosed on Monday. Piniform is owned by Avast, whose security products are used by more than 400 million people. The malware infecting CCleaner could give hackers control over the devices of more than 2 million users. CCleaner is designed to rid computers and mobile phones of junk.

Consumer credit reporting agency Equifax suffered a major criminal data breach that exposed personal information of as many as 143 million consumers in the U.S. between mid-May and July of this year. The attack exposed a range of sensitive personal data, including names, addresses, Social Security Numbers, dates of birth, and in some cases driver's license numbers, Equifax said.

The hacker group known as "Dragonfly" is behind sophisticated wave of recent cyberattacks on the energy sectors of Europe and North America, Symantec reported. The attacks could provide the group with the means to severely disrupt energy operations on both continents. Dragonfly launched a simililar campaign from 2011 to 2014, but it entered a quiet period in 2014 after its activities were exposed.

A relatively new form of cybercrime recently has been plaguing American consumers. Thieves have been hijacking mobile phone account numbers and then transferring services to a different device. Further, hackers have begun using mobile numbers to raid digital wallets and similar accounts. This type of theft has been successful even against the most sophisticated of consumers.

There are no good outcomes of an electronic data system breach. At best, companies dealing with e-commerce technologies face the formidable task and the resulting cost of repairs. In addition having to fix information technology systems, companies suffering breaches may be increasingly vulnerable to legal action taken by customers whose personal data was affected.

Increased use of open source software could fortify U.S. election system security, according to former CIA head R. James Woolsey and Bash creator Brian J. Fox. The two made their case for open source elections software after security researchers demonstrated how easy it was to crack some election machines at the recent DefCon hacking conference in Las Vegas.

HBO on Wednesday admitted that it had been targeted by a cyberattack, confirming an anonymous email the alleged hackers distributed to media outlets last weekend. Among the content that may have been compromised were upcoming episodes of the series Ballers, Barry and Room 104, along with script outlines of the channel's hit show Games of Thrones.

A grand jury in the Northern District of California indicted a Russian man for running a massive money laundering operation through the BTC-e bitcoin exchange, a group of federal officials announced Wednesday. The exchange allegedly received up to $4 billion in proceeds from various criminal activities, including the 2014 hack of the Mt. Gox bitcoin exchange.

Recent ransomware threats have escalated into a global crisis, and cybersecurity experts and government authorities have redoubled their investigative efforts. Of grave concern is the possibility that the recent Petya attack had more sinister motives than typical ransomware operations, and that state actors were involved behind the scenes. The Petya attack actually used ransomware as a cover.

Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things. That is one of the findings in a report WatchGuard Technologies released last week. The report, which analyzes data gathered from more than 26,000 appliances worldwide, found three Linux malware programs in the top 10 for the first quarter of the year.

I hope that, like me, you are off this long holiday weekend and have a chance to think about the drama that now surrounds the U.S. administration. What I find fascinating isn't that the government is a bit of a mess but that the accidental transparency of this administration is focusing us more on the visibility of the problems rather than on the problems themselves.

A new ransomware exploit dubbed "Petya" struck major companies and infrastructure sites this week, following last month's WannaCry ransomware attack, which struck more than 300,000 computers worldwide. Petya is believed to be linked to the same set of hacking tools as WannaCry. Petya already has impacted a Ukrainian international airport and shut down radiation monitoring systems at Chernobyl.

The United Kingdom's Parliament on Monday reported a cyberattack on its email system over the weekend, when hackers attempted to access user accounts without authorization. Due to the "robust measures" in place to protect the legislative body's accounts and networks, fewer than 1 percent of the 9,000 accounts on the network were compromised, officials said. Accounts that were compromised reportedly had weak passwords.

The House Intelligence Committee on Wednesday conducted a hearing focusing on the impact of Russian hacking on the 2016 elections. Members heard testimony from former DHS Secretary Jeh Johnson, who was in charge of the department when the actual hacking took place during the final months of the Obama administration. Russian President Vladimir Putin ordered the cyberattack, Johnson said.

Federal and state officials have confirmed that cyberattacks against state voting systems during the 2016 election were more widespread than previously disclosed to the public, but they said the heightened activity did not impact final vote tallies. The confirmations follow a report that attempts to influence the 2016 presidential election were much greater than previously disclosed.

Ever since taking an interest Linux, with the specific aim of better understanding and enhancing my personal digital security, I have been fascinated by hacker conferences. As soon as I learned of their existence, I made a point of keeping tabs on the major conferences so I could browse through the latest videos in their archive once each one wraps up. I thought that was the closest I would get.

Cybersecurity expert Eugene Kaspersky reportedly has volunteered to turn over his company's software source code to allay fears about possible ties with the Russian government. Kaspersky made the offer public at CeBIT Australia last week. Some U.S. officials have expressed concerns that Kaspersky Lab might have a close working relationship with the Russian government.

Internet security at Mar-a-Lago -- the private club President Trump owns and has dubbed the "Southern White House" -- is weak, based on a recent investigation. Trump has used the resort to meet with staffers and foreign heads of state on official business. In February, he took a call about a North Korean ballistic missile launch in Mar-a-Lago's dining room, with members and waiters present.

The WannaCry ransom attack that quickly circled the globe last week is not yet fully contained. So far, it has impacted more than 300,000 computers in 150 countries. However, one of the remarkable things about it is that only a trifling $100,000 in ransom, give or take, apparently has been paid. That represents a surprisingly low response from an attack generally considered the biggest ever.

Microsoft this weekend unleashed its wrath on the National Security Agency, alleging it was responsible for the ransomware attack that began last week and has spread to thousands of corporate, government and individual computer systems around the world. Microsoft Chief Legal Officer Brad Smith launched a blistering attack on the NSA and governments worldwide.

Authorities are investigating a massive ransomware attack that reportedly hit more than 45,000 computers in 74 countries worldwide, including the UK's NHS England national health service, international delivery service FedEx, and Spanish telecom firm Telefonica. Security experts have linked the exploit to an earlier leak by the Shadow Brokers, who allegedly pilfered hacking tools from the NSA.

A phishing scam that surfaced earlier this week used Google Docs in an attack against at least 1 million Gmail users. However, that amounted to fewer than 0.1 percent of Gmail users were affected, according to the company. Google last year put the number of active monthly Gmail users at more than 1 billion. Google shut down the phishing scam within an hour, it said.

Just as the Shadow Brokers hacker group started crowing about a dump of never-seen-before flaws in Windows, Microsoft announced it already had fixed most of the exploits. "Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers," said Microsoft Principal Security Group Manager Phillip Misner. "Most of the exploits are already patched."

Burger King in essence hijacked the voice-activated Google Home speakers in some consumers' homes. In a 15-second television ad, the camera zooms in on a young man wearing the company uniform who says, "OK Google, what is the Whopper burger?" The trigger phrase for Google's AI Assistant activated Home speakers situated nearby, prompting them to read Wikipedia's description of the Whopper.

An alleged spam kingpin with possible ties to election meddling in the U.S. was arrested in Spain last week under a U.S. international warrant. Pyotr Levashov had been vacationing in Barcelona with his family. Levashov was arrested for interfering with the 2016 U.S. presidential elections, the Russian news outlet RT reported, but the DoJ said the arrest was not connected to national security.

Screaming sirens serenaded Dallas residents in the early morning hours Saturday after a cyberattack set off the city's emergency warning system. All of the city's 156 sirens reportedly were set off more than a dozen times. Officials have not yet identified the perpetrator of the attack, but it likely was someone outside the Dallas area, said Office of Emergency Management Director Rocky Vaz.