A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and asking the equivalent of $14,500 in bitcoin for the entire collection.

Two weeks out from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The job was already hard enough without having to play catch-up.

Amazon CEO Jeff Bezos claims a lawyer for the National Enquirer emailed his counsel with a threat to post sexual pictures he had sent via text to his girlfriend, Lauren Sanchez, including a so called "dick pic." In a blog post published Thursday, Bezos accused AMI, the publisher of the National Enquirer, of blackmail and extortion, claiming that AMI has asked Bezos to publicly deny any political motivation in the publisher's coverage of his divorce.

The FBI has accused a second Apple employee of attempting to steal trade secrets from the company regarding its secretive self-driving car program, according to a recently unsealed affidavit. NBC's Bay Area affiliate first reported the news. This is the second employee in six months to be accused by the FBI of stealing trade secrets from Apple's self-driving car unit. In July, federal agents accusedformer Apple engineer Xiaolang Zhang of allegedly stealing proprietary information about the project and trying to bring it to XMotors, based in China.

At a press conference held on Dec. 20, the U.S. Department of Justice (DOJ) announced the prosecution of two hackers from communist China. According to the DOJ, they were members of the hacking unit APT10, which is affiliated with the Chinese regime’s Ministry of State Security (MSS). The MSS is China’s only official intelligence agency, and is relatively new given the long history of communist Chinese espionage.

On Friday, Marriott International announced a system breach that has affected approximately 500 million customers, with stolen information including names, credit card numbers, mailing addresses, email addresses, and passport numbers. The breach is one of the largest in history, after recent Yahoo breaches that compromised the accounts of nearly three billion customers.

America’s cellular network is as vital to society as the highway system and power grids. Vulnerabilities in the mobile phone infrastructure threaten not only personal privacy and security, but also the country’s. According to intelligence reports, spies are eavesdropping on President Trump’s cellphone conversations and using fake cellular towers in Washington to intercept phone calls. Cellular communication infrastructure, the system at the heart of modern communication, commerce and governance, is woefully insecure. And we are doing nothing to fix it.

A cyberattack that may have compromised information about current and former NASA employees is only the latest sign of ongoing information security problems that have plagued the agency for years. In a Dec. 18 memo to NASA employees, Bob Gibbs, assistant administrator for the office of human capital management, said that the agency was investigating a "possible compromise" of NASA servers first detected in October.

CYBERSECURITY can feel like a chaotic free-for-all sometimes, but it's not every day that a whole new conceptual type of attack crops up. Over the last 15 months, though, cryptojacking has been exactly that. It's officially everywhere, and it's not going away.

Including photos from people’s stories as well as photos that people uploaded but never posted.

Freelance elite hackers can make more than $500,000 a year searching for security flaws and reporting those issues at big companies like Tesla and organizations like the Department of Defense, according to new data released by ethical hacking platform Bugcrowd. The company, founded in 2012, is one of a handful of so-called "bug bounty" firms that provide a platform for hackers to safely chase security flaws at companies that want to be tested.

Read these tips to avoid phishing and email scams.

For years, government security specialists have predicted the inevitable "cyber 9/11," an event originating as a digital attack that spills over into other aspects of society, causing widespread harm to people and the global financial sector. Former NSA head Admiral Michael Rogers told CNBC last month that "nothing is beyond the pale of possibility" for cyberattacks.

U.K. lawmakers urged advertisers to boycott internet firms that fail to remove or control the publication of extremist content. In a report published Thursday evening, the U.K. Parliament's Intelligence and Security Committee concluded that security agencies needed help from the likes of Facebook, Twitter and Google to curb the "enormous growth" in online extremist material.

The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The U.S.P.S. is an independent agency of the American federal government responsible for providing postal service in the United States and is one of the few government agencies explicitly authorized by the United States Constitution.

Instagram has notified some of its users that their password might have been exposed due to a security bug, according to The Information (via Engadget). A spokesperson for the company says that the issue was “discovered internally and affected a very small number of people.”

The US refused to join a new global cybersecurity agreement this week—maybe because it was created by French president Emmanuel Macron, with whom President Trump isn’t on great terms with. On the same day, internet traffic that was supposed to route through Google’s cloud servers instead went haywire, traveling through unplanned servers based in the likes of Russia and China. Hack? No, as Lily Hay Newman explains, though the cause was still worrisome.

Researchers have used a neural network to generate artificial fingerprints that work as a “master key” for biometric identification systems and prove fake fingerprints can be created. According to a paper presented at a security conference in Los Angeles, the artificially generated fingerprints, dubbed “DeepMasterPrints” by the researchers from New York University, were able to imitate more than one in five fingerprints in a biometric system that should only have an error rate of one in a thousand.

In his years-long career developing software for power grids, Stan McHann had never before heard the ominous noise that rang out last Wednesday. Standing in the middle of a utility command center, he flinched as a cyberattack tripped the breakers in all seven of the grid's low voltage substations, plunging the system into darkness. "I heard all the substations trip off and it was just like bam bam bam bam bam bam bam bam," McHann says. "The power’s out. All you can do is say, OK, we have to start from scratch bringing the power back up. You just take a deep breath and dig in."

THERE COMES A period of time in every beloved gadget's life—some more prolonged than others—when you need to think about replacing the electronic device that's given you so much loyal service, whether it's a smartphone, a laptop, a digital camera, or anything in between.