The operation was run by a local restauranteur who was placed under US sanctions for attempting to interfere with US elections. Slaying online trolls can be a lonely business. Just ask Russia's Lyudmila Savchuk, who first exposed the story of Russia's disinformation campaign back in 2014. The journalist and 33-year-old mother of two, Savchuk started noticing websites and social media accounts attacking local opposition activists in her hometown of Saint Petersburg with a frequency she hadn't seen before.

A data breach is almost inevitable because we continue to make the same security mistakes. Here are five of the bigs ones, according to experts, and why you simply have to fix them.

Global action is required to tackle the web's "downward plunge to a dysfunctional future", its inventor Sir Tim Berners-Lee has told the BBC. He made the comments in an exclusive interview to mark 30 years since he submitted his proposal for the web. Sir Tim said people had realised how their data could be "manipulated" after the Cambridge Analytica scandal.

At the endless booths of this week's RSA security trade show in San Francisco, an overflowing industry of vendors will offer any visitor an ad nauseam array of "threat intelligence" and "vulnerability management" systems. But it turns out that there's already a decent, free feed of vulnerability information that can tell systems administrators what bugs they really need to patch, updated 24/7: Twitter. And one group of researchers has not only measured the value of Twitter's stream of bug data but is also building a piece of free software that automatically tracks it to pull out hackable software flaws and rate their severity.

Huawei would have no choice but to hand over network data to the Chinese government if Beijing asked for it, because of espionage and national security laws in the country, experts told CNBC. Major governments including the United States, Japan and Australia have blocked the Chinese telecommunications equipment maker from providing hardware for next-generation mobile networks known as 5G. The U.S. has said Huawei equipment could provide backdoors for the Chinese government into American networks — a claim the company has repeatedly denied.

In the world of digital thievery, a business model pivot is apparently underway. Over the past year cybercriminals have shifted their focus from ransomware attacks to so-called cryptojacking. That’s the marquee finding out of a new threat report published by IBM this week: Instances of the former money-making scheme were down 45% in 2018, while occurrences of the latter surged 450% in the same timespan, per IBM’s data.

As an experienced cyber first responder, Julian Gutmanis had been called plenty of times before to help companies deal with the fallout from cyberattacks. But when the Australian security consultant was summoned to a petrochemical plant in Saudi Arabia in the summer of 2017, what he found made his blood run cold.

Huawei’s rotating chairman Guo Ping kicked off a keynote speech this morning at the world’s biggest mobile industry tradeshow with a wry joke. “There has never been more interest in Huawei,” he told delegates at Mobile World Congress. “We must be doing something right!” The Chinese company is seeking to dispel suspicion around the security of its 5G network equipment which has been accelerated by U.S. president Trump who has been urging U.S. allies not to buy kit or services from Huawei. (And some, including Australia, have banned carriers from using Huawei kit.)

The US agency responsible for military cyber operations cut off internet connectivity at the Internet Research Agency in Russia on the day of the 2018 midterm elections, according to a report in The Washington Post on Tuesday. The US Cyber Command "basically took the IRA offline," according to an unnamed source that spoke with the Post.

North Korean hackers who have targeted American and European businesses for 18 months kept up their attacks last week even as President Trump was meeting with North Korea’s leader in Hanoi. The attacks, which include efforts to hack into banks, utilities and oil and gas companies, began in 2017, according to researchers at the cybersecurity company McAfee, a time when tensions between North Korea and the United States were flaring.

On Friday, Marriott International announced a system breach that has affected approximately 500 million customers, with stolen information including names, credit card numbers, mailing addresses, email addresses, and passport numbers. The breach is one of the largest in history, after recent Yahoo breaches that compromised the accounts of nearly three billion customers.

At a press conference held on Dec. 20, the U.S. Department of Justice (DOJ) announced the prosecution of two hackers from communist China. According to the DOJ, they were members of the hacking unit APT10, which is affiliated with the Chinese regime’s Ministry of State Security (MSS). The MSS is China’s only official intelligence agency, and is relatively new given the long history of communist Chinese espionage.

The FBI has accused a second Apple employee of attempting to steal trade secrets from the company regarding its secretive self-driving car program, according to a recently unsealed affidavit. NBC's Bay Area affiliate first reported the news. This is the second employee in six months to be accused by the FBI of stealing trade secrets from Apple's self-driving car unit. In July, federal agents accusedformer Apple engineer Xiaolang Zhang of allegedly stealing proprietary information about the project and trying to bring it to XMotors, based in China.

Amazon CEO Jeff Bezos claims a lawyer for the National Enquirer emailed his counsel with a threat to post sexual pictures he had sent via text to his girlfriend, Lauren Sanchez, including a so called "dick pic." In a blog post published Thursday, Bezos accused AMI, the publisher of the National Enquirer, of blackmail and extortion, claiming that AMI has asked Bezos to publicly deny any political motivation in the publisher's coverage of his divorce.

Two weeks out from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The job was already hard enough without having to play catch-up.

A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and asking the equivalent of $14,500 in bitcoin for the entire collection.

A new report suggests that password managers aren’t quite as secure as you might first think, and they contain some worrying flaws on the security front, including – in some cases – storing the master password for the app in the PC’s memory in a plaintext form. First off, though, before everybody starts hitting the panic button and considering uninstalling their password manager program, let’s clarify that the security researchers behind this report still advocate the use of these applications.

Since the last time we were together inside his prison lodgings at the Ecuadorian embassy in London, a few things have changed. Julian Assange has grown a beard, looks more pallid and pauses when I ask…

60,000 customers affected due to Walmart Canada hack

If a hacker attacks your TrackingPoint smart gun over its Wi-Fi connection, you may find the weapon is aiming at a different target than you think.

Knowledge alone is next to useless in countries whose rulers enforce self-censorship

A group of Russian hackers linked to Moscow’s government have for seven years been targeting intelligence information from governments and organizations in the United States, Europe, and Asia, acco

The deputy director of the US National Security Agency warns of the increasing danger of destructive cyber attacks by states.

Ask a chief executive of any security company what the crown jewel of their business is, and they'll tell you it's the source code. In a day and age of government spying, hackers, and backdoors, there's a great deal of mistrust and paranoia in the tech industry. Governments particularly are on edge that other states are using tech firms to get access to their most critical systems and data, including the US government...

For the first time in several years, humans now account for more Internet traffic than bots, but bot activity is increasing at smaller websites.

Smart TVs are opening a new window of attack for cybercriminals, as the security defenses of the devices often lag far behind those of smartphones and desktop computers. Running mobile operating systems such as Android, smart TVs present a soft target due to how to manufacturers are emphasizing convenience for users over security, a trade-off that could have severe consequences.

If your password is on this list, you better change it ASAP. The 25 worst passwords of 2015 have been released by Los Gatos, Calif.-based SplashData. The company, which makes password management software, compiles the annual list from the most common passwords leaked online each year — more than two million in 2015.

France is a weakened country that relies too heavily on its subservient intelligence relationship with the United States and the United Kingdom, Wikileaks founder Julian Assange told French radio on Friday. Speaking to France Inter radio from the Ecuadorian Embassy in London where he has been holed up for nearly four years, Assange was asked if he was disappointed that France had refused to grant him political asylum last year.

In the early years of the Obama administration, the United States developed an elaborate plan for a cyberattack on Iran in case the diplomatic effort to limit its nuclear program failed and led to a military conflict, according to a coming documentary film and interviews with military and intelligence officials involved in the effort. The plan, code-named Nitro Zeus, was devised to disable Iran’s air defenses, communications systems and crucial...

The Justice Department, impatient over its inability to unlock the iPhone of one of the San Bernardino killers, demanded Friday that a judge immediately order Apple to give it the technical tools to get inside the phone. It said that Apple’s refusal to help unlock the phone for the F.B.I. “appears to be based on its concern for its business model and public brand marketing strategy,” rather than a legal rationale.

At core, when we talk about cyberwar, we’re just talking about warfare conducted through computers and other electronic devices, typically over the Internet. As the very ’90s prefix cyber- (when was the last time you heard someone talk about cyberspace with a straight face?) suggests, it’s been part of our cultural and political conversations since the early ’80s. In recent years, however, such conversations have picked up...

MY LIFE DEPENDS on the functioning of a medical device: a pacemaker that generates each and every beat of my heart. I know how it feels to have my body controlled by a machine that is not working correctly, and this is why I encourage fellow security researchers to delve into these medical devices and find ways to make them more secure. Four years ago, I woke up lying on the floor, but I had no idea how I’d gotten there or for how long I’d been out.

Apple isn't alone in blocking government-backed security breaches. Google today announced that it will let users know if they are been targeted by a state sponsored hacker using a new warning. The company said it will also be increasing the visibility of other types of Gmail security warnings to try and help people better protect themselves.

Modern-day leaks may have caused embarrassment and resignations, but in ancient times revealing secrets often ended in death.

Finding evidence that someone compromised your cyber defenses is a grind. Sifting through all of the data to find abnormalities takes a lot of time and effort, and analysts can only work so many hours a day. But an AI never gets tired, and can work with humans to deliver far better results. A system called AI2, developed at MIT’s Computer Science and Artificial Intelligence Laboratory, reviews data from tens of millions of log lines each day and pinpoints anything suspicious.