As an experienced cyber first responder, Julian Gutmanis had been called plenty of times before to help companies deal with the fallout from cyberattacks. But when the Australian security consultant was summoned to a petrochemical plant in Saudi Arabia in the summer of 2017, what he found made his blood run cold.

Millions of sites that run the Drupal content management system run the risk of being hijacked until they're patched against a vulnerability that allows hackers to remotely execute malicious code, managers of the open source project warned Wednesday. CVE-2019-6340, as the flaw is tracked, stems from a failure to sufficiently validate user input, managers said in an advisory. Hackers who exploited the vulnerability could, in some cases, run code of their choice on vulnerable websites. The flaw is rated highly critical.

A server outage at Tribune Publishing on Saturday that prevented the distribution of many leading U.S. newspapers, including the Wall Street Journal, New York Times, Los Angeles Times, Chicago Tribune and Baltimore Sun was actually nothing of the sort. Instead, it appears to have been a cyber-attack involving what is thought to have been a version of the highly successful Ryuk ransomware family. Interestingly, Ryuk is often attributed to the Lazarus Group which is thought to operate out of China but in the hands of North Korean threat actors.

When it comes to using computers to steal money, few can come close to matching the success of Russian hacker Evgeniy Bogachev.

For years, government security specialists have predicted the inevitable "cyber 9/11," an event originating as a digital attack that spills over into other aspects of society, causing widespread harm to people and the global financial sector. Former NSA head Admiral Michael Rogers told CNBC last month that "nothing is beyond the pale of possibility" for cyberattacks.

The Port of San Diego is facing the storm surge of a cyberattack against its computer systems. On Wednesday, the Port of San Diego's CEO, Randa Coniglio, said in a statement that it suffered a "serious cybersecurity incident," which it first learned about on Tuesday. A spokesperson for the port told sister site ZDNet that the attack was a ransomware infection, but didn't provide further details.

The FBI on Friday issued a formal warning that a sophisticated Russia-linked hacking campaign is compromising hundreds of thousands of home network devices worldwide and it is advising owners to reboot these devices in an attempt to disrupt the malicious software.

Russian hackers are conducting a broad assault on the U.S. electric grid, water processing plants, air transportation facilities and other targets in rolling attacks on some of the country’s most sensitive infrastructure, U.S. government officials said Thursday. The announcement was the first official confirmation that Russian hackers have taken aim at facilities on which hundreds of millions of Americans depend for basic services.

The Pentagon on Thursday confirmed that there was a hacking attempt this past weekend against an online financial services portal that Citigroup manages for Defense Department credit card holders. The confirmation comes a day after Citigroup told CNBC that a "malicious actor" attempted to gain access to information for Pentagon-linked credit card accounts.

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other war zones. The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say.

Our roving reporter Matt Stephenson gets the lowdown from Cylance's Senior VP of Marketing Shaun Walsh on exactly how Cylance works to prevent the bad guys from assaulting your data.