Top 10 Stories

A Russian man accused of involvement in developing and distributing the Citadel malware, which at its peak infected nearly 11 million computers and caused over $500m in losses, has pleaded guilty to charges related to computer fraud. Mark Vartanyan, 29, who went by the pseudonym "Kolypto", was arrested in October 2014 in Norway and extradited to the US in December 2016. View full story ORIGINAL SOURCE: IBTimes

Cisco has warned customers that the Vault 7 files obtained by WikILeaks contain information on a critical vulnerability affecting many of the company’s switches. Patches are not available, but Cisco has provided some mitigation advice. The Vault 7 leak allegedly contains information on the CIA’s hacking capabilities, including exploits targeting mobile devices, desktop systems, networking equipment and IoT devices. Some of the tools also appear to target the products of cybersecurity companies, but an initial...

All accounts have been stolen from previous data breaches including Bitcoin Security Forum, LinkedIn, Dropbox, MySpace and others. Last week HackRead exclusively reported on a Darb Web vendor “SunTzu583” selling millions of decrypted Gmail, Yahoo and PlayStation Network accounts. Now, the same vendor is offering a trove of data containing more of Gmail and Yahoo accounts with decrypted passwords. View full story ORIGINAL SOURCE: HackRead

Luxury retailer Saks Fifth Avenue reportedly left the personal information of tens of thousands of its customers exposed in plain text on its online shopping site. BuzzFeed News reports that customers' e-mail addresses and phone numbers were, up until recently, visible on Saks' retail website "in plain text online". The Saks website is maintained by the digital division of Hudson's Bay Company, its parent company and owner of multiple department store chains such as Lord...

Amazon also is adding cyber-security to its AI resume. TechCrunch is reporting that Amazon has acquired AI-based cyber-security company Harvest.ai. According to its website, Harvest.ai uses AI-based algorithms to identify the most important documents and intellectual property of a business, then combines user behavior analytics with data loss prevention techniques to protect them from cyber attacks. View full story ORIGINAL SOURCE: Yahoo! News

Many people think the Mac operating system, MacOS, is more secure than it actually is. This wouldn’t be an issue if those people were all Windows users but many of them own Macs. Thomas Reed, the Director of Mac Offerings at Malwarebytes Labs, has written a useful and informative blog post that provides a balanced view of the strengths and weaknesses of security on the Mac. View full story ORIGINAL SOURCE: Forbes

Remember that USB stick that would destroy almost anything in its path, from laptops, photo booths, kiosks, to even cars? Now there's a new version, and it's even more dangerous than before. In case you missed it the first time around, a Hong Kong-based company built a weaponized pocket-sized USB stick, which when plugged into a device, will rapidly charge its capacitors from the USB power supply and then discharge, frying the affected device's circuits. Dubbed the...

The government has removed its adverts from YouTube amid concerns they are appearing next to "inappropriate" material on the video-sharing site. The Cabinet Office said it was seeking assurances from YouTube's owner Google that its messages would be displayed in a "safe and appropriate way" in future. The Guardian pulled its ads after they appeared next to extremist material. Google, which has been attacked by MPs for not doing more to curb online hate speech, said...

One of McDonald's Twitter accounts was compromised on Thursday, resulting in the corporate account sending out a message insulting Donald Trump. Although originally it was believed that an employee simply went rogue, it looks like Twitter notified the company that its account had been compromised. The offensive tweet was deleted, the account secured and an investigation has been launched into the matter. "@realDonaldTrump you are actually a disgusting excuse of a President and we would love to have...

Nearly every website containing a login page is under attack from bots looking to access the site, a new report has revealed. Distil’s 2017 Bad Bot Report, which looks back at 2016’s bot activity, found that 96% of websites with a login elements were hit by bot activity, while 97% of sites with proprietary content and/or pricing were hit by unwanted scraping. Around one-third (30%) of websites containing forms were hit by spam bots. Nine out...