Hackers affiliated with the Chinese government have been making a concerted effort to steal medical research, particularly cancer research, from U.S. institutions. The step-up in medical research theft by Chinese APT hacker groups appears to be linked to China's growing concern over cancer mortality rates and increasing healthcare costs. Cancer in the leading cause of death in China.

The Russian hacking group known for stealing sensitive emails from the Democratic National Committee during the 2016 presidential election season has been cracking into printers, phones and video decoders to gain access to corporate networks, the Microsoft Security Response Center Team reported. The group is known by a number of names including "Strontium," "Fancy Bear" and "APT 28."

Capital One Financial Corporation has announced a data breach affecting some 100 million people in the U.S. and another 6 million in Canada. The FBI arrested the alleged perpetrator of the breach in Seattle. Capital One on July 19 discovered someone had accessed its data stored online and obtained personal information of credit card customers and people who had applied for credit card products.

Chinese hackers likely are responsible for a series of cyberattacks against telecommunications companies around the world, security researchers have reported. The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason. There is some evidence suggesting even earlier activity against the telecommunications providers, all of whom were outside North America.

Firefox users should update their browsers immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux desktop is at risk. Mozilla issued a patch Tuesday, but the vulnerability was discovered by Samuel Groß of Google Project Zero on April 15. Mozilla's fix came after Coinbase reported exploitation of the vulnerability for targeted spearphishing attacks.

Account hijacking has become a nettlesome problem at Instagram so it has decided to do something about it. The social media company has begun testing a simpler method for users to reclaim their compromised accounts. It allows users locked out of their hacked accounts to ask for a six-digit code to be sent to the email address or phone number originally used to open the account.

Hackers piggybacked onto a Microsoft customer support portal between Jan. 1 and March 28 to gain access to the emails of noncorporate account holders on webmail services Microsoft manages, including MSN.com, Hotmail.com and Outlook.com. Microsoft has confirmed that a "limited" number of customers who use its Web service had their accounts compromised.

Microsoft has been urging customers to upgrade from its Windows 7 operating system, while attempting to ease the transition with several options for extended support. It will stop providing routine fixes and security patches effective January 2020. Regular support for Windows Server 2008 also will end at that time. Windows 7 enterprise customers can subscribe to Extended Security Updates.

The e-ticketing systems of eight airlines, including Southwest Airlines and Dutch carrier KLM, have a vulnerability that can expose passengers' personal data, mobile security vendor Wandera has reported. They use unencrypted links that hackers can intercept easily. The hackers then can view and, in some cases, even change the victim's flight booking details, or print their boarding passes.

The Samsung Galaxy S10, scheduled for launch on Feb. 20, likely will incorporate a cryptocurrency wallet. "Samsung has a long history of throwing everything it can think of, technology-wise, into its flagship Galaxy S series smartphones," remarked Ken Hyers, research director at Strategy Analytics. Most users aren't fully aware of their Galaxy S phone capabilities, he noted.

The personal data of some 100 million people who have used Quora, a popular question and answer website, has been compromised, the company disclosed. "We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party," wrote Quora CEO Adam D'Angelo in an online post. "We are working rapidly to investigate the situation."

Hackers planted malware on StatCounter to steal bitcoin revenue from Gate.io account holders, according to Eset researcher Matthieu Faou, who discovered the breach. The malicious code was added to StatCounter's site-tracking script last weekend, he reported. The malicious code hijacks any bitcoin transactions made through the Web interface of the Gate.io cryptocurrency exchange.

Do you take your online privacy seriously? Most people don't. They have an ideal scenario of just how private their online activities should be, but they rarely do anything to actually achieve it. The problem is that bad actors know and rely on this fact, and that's why there's been a steady rise in identity theft cases from 2013 to 2017, often resulting in loss of reputation or financial woes.

We rely on our phones to process and store reams of personal digital data. Our digital activities -- from checking bank balances to paying for a product with a tap of the screen, to sending friends and family messages over social media, to accessing work emails remotely -- have turned our phones into a goldmine of personal information. How secure is your mobile device?

Theresa Payton, CEO of Fortalice Solutions, is one of the most influential experts on cybersecurity and IT strategy in the United States. She is an authority on Internet security, data breaches and fraud mitigation. She served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff.

As if e-commerce companies didn't have enough problems with transacting securely and defending against things like fraud, another avalanche of security problems -- like cryptojacking, the act of illegally mining cryptocurrency on your end servers -- has begun. We've also seen a rise in digital credit card skimming attacks against popular e-commerce software such as Magento.

There is a well-known joke among security professionals: Q: "What does IoT stand for?" A: "Internet of Threats." Sadly, this joke is our reality. An estimated 20.4 billion Internet of Things devices will be deployed by 2020, according to Gartner, in what some have dubbed "the fourth industrial revolution." These connected devices are being manufactured to streamline everything we do.

Widespread use of unpatched open source code in the most popular Android apps distributed by Google Play has caused significant security vulnerabilities, suggests an American Consumer Institute report. Thirty-two percent -- or 105 apps out of 330 of the most popular apps in 16 categories sampled -- averaged 19 vulnerabilities per app, according to the report. Researchers found critical vulnerabilities in many common applications.

Microsoft has torpedoed websites designed to steal credentials from visitors to two Republican Party think tanks. The malicious websites were among six the company took down last week. A group of hackers affiliated with the Russian military created the sites, according to Microsoft. It apparently was the same group that stole a cache of email from the DNC during the 2016 presidential campaign.

Hackers cracked into a wide array of voting equipment Def Con's Voting Village, an event held Friday at Caesar's Palace in Las Vegas, Nevada. Last year, conference goers hacked five machines and an e-poll book of registered voters. This year, in addition to voting machines, tabulators and smart card readers were available for hacking. Websites weren't off limits, either.

DHS has announced the National Risk Management Center, part of a new effort to combat cyberthreats to the U.S. The new agency's mission will be to defend the critical infrastructure through greater cooperation between the public and private sectors. The center will bring together government experts and industry partners to work out ways that the government can support the partners.

Hundreds of U.S. utilities were penetrated by Russian hackers who could have disrupted the nation's power grid. The attacks were launched last year by threat actors sponsored by the Russian government, according to a report. The hackers used Black Hat tools such as phishing and waterhole traps to obtain credentials from legitimate users and leverage them to gain access to the utilities.

The healthcare industry has been moving toward medical equipment connectivity to speed up data entry and recording, as well as improve data accuracy. At the same time, there has been a shift toward incorporating consumer mobile devices, including wearables. "The demand for connected devices has increased rapidly in recent years," noted Leon Lerman, CEO of Cynerio.

Academics have been hard at work studying information security. Most fields aren't as replete with hackers as information security, though, and their contributions are felt much more strongly in the private sector than in academia. The differing motives and professional cultures of the two groups act as barriers to direct collaboration, noted CypherCon presenter Anita Nikolich.

The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.

A significant percentage of IT systems are cloud-based, according to a recent survey. The cloud is a key enabler for emerging technology, suggests the CompTIA poll, which was conducted last month. Cloud computing was one of four trends respondents expected to feature heavily in IT conversations over the next 12 to 18 months, the survey found. Others were AI, the IoT and cybersecurity.

The FBI has disrupted a network of half a million routers compromised by the group of Russian hackers believed to have penetrated the DNC and the Hillary Clinton campaign during the 2016 elections, according to reports. The hacker group, known as "Fancy Bear," has been using a malware program called "VPN Filter" to compromise home and small office routers.

A flaw in certain electronic hotel door locks could allow hackers to access guest rooms and other secure locations at millions of properties around the world, F-Secure researchers have discovered. Software updates were issued to fix the flaw in the smart locks after F-Secure notified and worked with the manufacturer over the past year. The researchers had found a way to make a master key.

Devices built on Nvidia's Tegra X-1 mobile processor are at risk of attack from a flaw security researchers have revealed. The exploit chain discovered by Katherine Temkin and others affects any device running the chip, including the Nintendo Switch gaming console. Called "Fusée Gelée," the vulnerability allows anyone to run code on the chip by overloading a critical buffer when a system boots.

An alarming number of major U.S. retailers, industrial firms, government agencies and other organizations have been hit in a recent wave of cyberbreaches that may signal increasing vulnerability for consumers and businesses alike. The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems.