Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."

There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.

An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.

Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.

Surely spurred by the work-from-home necessities of 2020, people have connected a multitude of non-business devices to their corporate networks, making it progressively difficult to implement cybersecurity because every device is a potential weak point. So, who will ultimately be responsible for cybersecurity of an IoT network?

Automated purchasing bots, also known as "sneaker bots," "click bots," "Instacart bots" and other names, are ruining the online shopping and gig economy experience for both consumers and workers. These bots can cause considerable damage to a mobile business' reputation and bottom line. There are a number of measures that e-tailers should take a to protect their mobile apps from sneaker bots.

Data breaches were rampant in 2019, occurring at an unprecedented pace. However, the first half of this year has seen a reduction in the number of reported events. Reported being the operative word. In all, more than 15 billion records were exposed in nearly 7,100 data breaches last year. This year however, the number of publicly reported data breaches has decreased.

Software piracy involves much more than businesses and consumers using illegal copies of computer programs. What lurks within the pirated copies is often rogue code -- malware -- that can be just as deadly to computers and users' finances. Software companies are reporting that piracy has increased 20 to 30 percent due to COVID-19.

Users of video conference tools should be aware of the growing risk of impersonation attacks. Cybercriminals are capitalizing on the exponential increase of users turning to Zoom and other platforms to collaborate across work and friend networks. Researchers have identified attacks stemming from Australia, Germany, the U.S. and elsewhere.

After crashing in 2019, Dark Web markets for stolen credentials rebounded during the first half of 2020, largely due to major shifts in consumer behavior caused by the global pandemic. Hacked accounts for delivery services and physical fitness brands are some of the highest priced items on the market, according to a recent report.

Garmin on Monday confirmed that many of its online services have been disrupted by a cyberattack on its systems that occurred on July 23, 2020. Services disrupted by the attack, which encrypted data on the systems, included website functions, customer support, customer facing applications, and company communications.

Counterfeit hardware, especially in corporate settings, is a recurring problem that often goes unnoticed. Having such gear online poses serious financial, operational, and security risks. Cybersecurity company F-Secure has released an investigative report detailing counterfeit Cisco Catalyst 2960-X series switches. The report highlights challenges facing organizations that discover counterfeit devices in their IT infrastructure.

Twitter had a data security problem last week that might sound trivial. Email addresses, phone numbers, and the last four digits of the credit cards used to buy ads on Twitter were left in browser cache after the transaction, and that cache was not secured. This may seem trivial, but the consequences could be far more significant than you might think. Let's explore how.

With much of the workforce conducting business from home to escape the pandemic, scammers have revved up their trickery to scare victims into falling for credential harvesting schemes. Two new reports lay bare the new twists digital scammers are putting on old approaches to get you to unwittingly give up login credentials.

A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.

Like conventional criminals, criminal hackers choose easy, lucrative targets. One group in the crosshairs is made up of companies that have data on millions of users, such as private sector entities with a Web presence. Why go after one user at a time when data is collected in one place? Criminal hackers also like to hunt small organizations that have modest capital but weak information security.

Zoom's paying customers will be able to choose the region they want to use for their virtual meetings. Paying customers will be able to opt in or out of a specific data center region, although they won't be able to change their default, which for most customers is the United States. Zoom has data centers in the U.S., Canada, Europe, India, Australia, China, Latin America, and Japan/Hong Kong.

Under ordinary circumstances, the average consumer can order a latte on the way to the coffee shop, book a last-minute trip to the coast, and come home to find groceries delivered -- all with the click of a button. What makes these transactions so smooth and effortless? It starts with account creation. Consumers increasingly are willing to create accounts with sites they interact with regularly.

As companies send employees home in an effort to curb the spread of COVID-19, cybersecurity experts are warning that telecommuting could be putting company assets and data at risk. There are a number of precautions that employees working from home should consider to ensure that sensitive data isn't compromised by cybercriminals taking advantage of the health crisis.

Microsoft and partners have disrupted the Necurs botnet group blamed for infecting more than 9 million computers globally. There are 11 botnets under the Necurs umbrella, all apparently controlled by a single group, according to Valter Santos, security researcher at Bitsight, which worked with Microsoft on the takedown. Four of those botnets account for about 95 percent of all infections.

The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely.This came on the heels of the Department of Homeland Security closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak.

We're only two months into a new year and already hundreds of millions of personal records have been compromised, including 123 million records from sporting retailer Decathlon and another 10.6 million records from MGM Resorts hotels. These announcements followed fuel and convenience chain Wawa's revelation that it was the victim of a nine-month-long breach of its payment card systems.

A vulnerability in Philips Hue smart lightbulbs and their controller bridges could allow intruders to infiltrate networks with a remote exploit, Check Point Software Technologies has disclosed. The researchers notified the owner of the Philips Hue brand about the vulnerability in November, and it issued a patched firmware version through an automatic update.

There is a problem with the Internet of Things: It's incredibly insecure. This is not a problem that is inherent to the idea of smart devices. Wearables, smart houses, and fitness tracking apps can be made secure -- or at least more secure than they currently are. The problem, instead, is one that largely has been created by the companies that make IoT devices.

We asked ECT News Network's roundtable of industry insiders to reflect on their own personal tech preferences, to speculate on what popular gadgets may vanish from use in the next decade, to consider the role of wearable health tools -- and then to expand the discussion to the health of the planet, tech advances in traveling on it, and the prospect of leaving it altogether.

A digital forensic analysis conducted by FTI Consulting concludes with "medium to high confidence" that Amazon CEO Jeff Bezos' smartphone was hacked through a malicious file sent from the WhatsApp account of Saudi Arabian crown prince Mohammed bin Salman. The malware was in an MP4 file attached to a WhatsApp message. UN special rapporteurs released technical elements of the report.

Cybersecurity and privacy threats aren't confined to the tech world. They've cast their pall on the world in general. Computer viruses, malware and data leaks have become commonplace, personal privacy has become a bad joke, and cyberwar looms like a virtual mushroom cloud. What sometimes gets lost in the gloom are the many ways security professionals have been working to shore up cyberdefenses.

After 10 years of fully supporting Windows 7, Microsoft ended its official support for the out-of-date Windows operating system on Tuesday. The popular classic Windows 7 OS still runs on some 200 million PCs around the globe, according to industry estimates. Users include small business owners, some larger companies, and hordes of consumers holding onto aging personal computers.

Ransomware tops the list of cybersecurity threats for 2020. While there have been efforts to convince individuals, corporations and municipalities not to pay ransoms, the simple fact is that whenever one is paid, the attack becomes a success that encourages cyberthieves to try again. Ransomware attacks increased 18 percent in 2019, up from an average 12 percent increase over the past five years.

If you're turned off by the mere thought of talking heads vying to speak the loudest or the longest in a TV "discussion" of some pressing issue of the day, read on for a refreshing dose of sanity. ECT News Network recruited five smart people with plenty to say about the state of technology, and we gave them plenty of time to say it. The result is a far-ranging intercourse.