Yahoo Agrees to $80 Million Settlement with Investors

Investors alleged that Yahoo intentionally misled them about its cybersecurity practices.

Open Source Components, Code Volume Drag Down Web App Security

The number of new Web application vulnerabilities published last year was 212% greater than the number disclosed in 2016, Imperva says in a new report this week.

New ‘Mac-A-Mal’ Tool Automates Mac Malware Hunting & Analysis

Researchers at Black Hat Asia will demonstrate new framework they created for catching and studying Apple MacOS malware.

New POS Malware Steals Data via DNS Traffic

UDPoS is disguised to appear like a LogMeIn service pack, Forcepoint says.

CA Acquires SourceClear

CA adds software composition analysis capabilities to Veracode lineup through acquisition

Microsoft Azure AD Connect Flaw Elevates Employee Privilege

An improper default configuration gives employees unnecessary administrative privilege without their knowledge, making them ideal targets for hackers.

19 M California Voter Records Held for Ransom in MongoDB Attack

The records were first exposed in an unsecured MongoDB database, continuing a cyber-extortion trend.

‘OMG’: New Mirai Variant Converts IoT Devices into Proxy Servers

The new malware also can turn bots into DDoS attack machines, says Fortinet.

Massive Cloud Leak Exposes Alteryx, Experian, US Census Bureau Data

A misconfigured Amazon Web Services S3 storage bucket exposed sensitive data on consumers' financial histories, contact information, and mortgage ownership.

Survey Suggests Many Are Still Waiting for Spectre, Meltdown Windows Updates

Microsoft's insistence on a specific registry key setting for offering the updates on systems appears to be the issue, security vendor Barkly says.

Nation-State Hackers Adopt Russian ‘Maskirovka’ Strategy

New CrowdStrike report shows blurring of state-sponsored and cybercrime hacking methods.

Threats from Mobile Ransomware & Banking Malware Are Growing

The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.