News
News
- March 13, 2018
13 Mar'18
Binance bounty offered for info on attempted attack
A failed attack led to a Binance bounty offer of $250,000 for information that leads to the arrest of the threat actors responsible for the attempted cryptocurrency theft.
- March 12, 2018
12 Mar'18
Olympic Destroyer was a false flag cyberattack, research claims
New research claims Olympic Destroyer was not the work of the North Korea-backed Lazarus Group; rather, it was a false flag cyberattack designed to mislead attribution efforts.
- March 09, 2018
09 Mar'18
Tenable introduces Lumin cyber exposure platform
Tenable.io Lumin enables organizations to gauge their 'cyber exposure' to vulnerabilities and allows them to compare remediation efforts against industry benchmark data.
-
- March 09, 2018
09 Mar'18
OURSA takes on RSA Conference to highlight diversity
News roundup: Our Security Advocates emerges amid criticism of RSA Conference's lack of female keynote speakers. Plus, a kill switch is discovered for the Memcrashed DDoS exploit, and more.
- March 09, 2018
09 Mar'18
DHS cybersecurity audit scores below target security levels
A DHS cybersecurity audit for FISMA compliance by the Office of Inspector General rated the agency below target levels in three of five areas of information security.
-
Sponsored News
-
Server Security in the Era of ChatGPT
Sponsored by Dell Technologies and Intel - The importance of security and compliance to applications and data environments cannot be overstated. A GenAI platform deployment is different from a typical infrastructure as a service (IaaS) implementation in terms of who holds the keys and who can read the data. Research by TechTarget's Enterprise Strategy Group has found that even cloud-first organizations are deploying some workloads on premises, rather than the cloud, due to concerns related to data governance and sovereignty (cited by 42% of respondents) and security (cited by 34%). These organizations understand the real potential for data leakage associated with GenAI. See More
-
Dell Technologies GenAI-validated Designs and Dell Reference Designs
Sponsored by Dell Technologies and Intel - It's important to have the right infrastructure in place to support generative AI solutions. The intent should be to keep control of both proprietary data and associated GenAI-related business outcomes. See More
-
Sustainability, AI and Dell PowerEdge Servers
Sponsored by Dell Technologies and Intel - When it comes to energy efficiency and sustainability in IT, rightsizing is critical. Optimizing the infrastructure model and the right hardware needed to run it should be the goal. See More
-
A Generative AI Use Case Brought to Life with Solutions from Dell Technologies
Sponsored by Dell Technologies and Intel - Generative AI is not science fiction. It is real. Implementing and using generative AI is a goal within reach of any organization, not just large technology-centric ones. According to research by TechTarget's Enterprise Strategy Group, 92% of organizations will have generative AI in production within the next year. IT vendors such as Dell Technologies are currently working to bring AI to businesses, organizations and institutions in a manner customized to their unique needs. See More
-
- March 08, 2018
08 Mar'18
NSA tracking program watched foreign hackers in action
Researchers discovered evidence of an NSA tracking program designed to watch nation-state hackers and gather information as attacks were in progress.
- March 07, 2018
07 Mar'18
McAfee cloud security platform expands to Microsoft Azure
In its first move following the acquisition of cloud access security broker Skyhigh Networks, McAfee extended its cloud security platform to Microsoft Azure customers.
- March 07, 2018
07 Mar'18
Risk & Repeat: Trustico certificate drama a cause for concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
- March 06, 2018
06 Mar'18
Terabit DDoS attack hits 1.7Tbps and experts expect higher
Five days after a record breaking terabit DDoS attack, a new 1.7Tbps DDoS attack was detected taking advantage of improperly secured memcached servers to launch a reflection attack.
- March 06, 2018
06 Mar'18
Equifax data breach affected 2.4 million more consumers
The massive Equifax data breach affected even more people. The startling total is now 147.9 million U.S. consumers who had their information stolen by hackers.
-
- March 02, 2018
02 Mar'18
Cellebrite claims it can unlock Apple devices, but questions remain
News roundup: Cellebrite claims it can unlock Apple devices, according to a Forbes report. Plus, iCloud encryption keys will now be stored in China, and more.
- March 02, 2018
02 Mar'18
23,000 Symantec certificates revoked following leak of private keys
DigiCert revoked 23,000 Symantec SSL certificates amid a public spat between the company and former reseller partner Trustico, which claimed the certificates were 'compromised.'
- March 01, 2018
01 Mar'18
Memcrashed DDoS amplification exploits memcached UDP port
Memcrashed, a devastating new DDoS amplification attack that exploits UDP port 11211, is only possible when memcached servers are exposed to the public internet.
- February 28, 2018
28 Feb'18
Visa reports EMV chip cards thwart fraud, but criminals adapting
Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt.
- February 27, 2018
27 Feb'18
New SAML vulnerability enables abuse of single sign-on
Duo Security discovered a new SAML flaw affecting several single sign-on vendors that allows attackers to fool SSO systems and log in as other users without their passwords.
- February 27, 2018
27 Feb'18
Risk & Repeat: Is the cyberthreat landscape shifting to cryptomining?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how new attacks, like cryptojacking, may be supplanting previous top cyberthreats, such as ransomware.
- February 27, 2018
27 Feb'18
Ad network cryptojacking attack bypasses ad blockers
Qihoo 360's Netlab team discovered an online ad network has been bypassing ad blockers and running cryptomining software in the browsers of unsuspecting visitors.
- February 23, 2018
23 Feb'18
Facebook's 2FA bug lands social media giant in hot water
Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
- February 23, 2018
23 Feb'18
Hackers used SWIFT-based attacks to steal millions from banks
News roundup: Hackers once again used SWIFT-based attacks to steal millions from Russian and Indian banks. Plus, hackers used an L.A. Times website for cryptojacking, and more.
- February 22, 2018
22 Feb'18
SEC cybersecurity disclosure rules get a guidance update
The U.S. Securities and Exchange Commission introduced new SEC cybersecurity disclosure rules to prevent insider trading related to data breaches and other security incidents.
- February 22, 2018
22 Feb'18
GDPR data breach notification is just one piece of EU privacy puzzle
With the EU's General Data Protection Regulation looming, Qualys' Darron Gibbard discusses GDPR data breach notifications, and more with the EU's new privacy law.
- February 21, 2018
21 Feb'18
Cryptojacking attacks hit enterprises' cloud servers
Cloud security vendor RedLock discovered threat actors had gained access to several enterprise cloud environments, including Tesla's, and used them for cryptojacking schemes.
- February 21, 2018
21 Feb'18
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
- February 21, 2018
21 Feb'18
Google discloses Microsoft Edge vulnerability without a patch
Google's Project Zero publicly published an Edge browser vulnerability after the 90-day disclosure deadline expired, and Microsoft has yet to patch the flaw.
- February 19, 2018
19 Feb'18
Risk & Repeat: Cyberinsurance market gets a shake-up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss a new industry partnership designed to give Apple and Cisco customers beneficial cyberinsurance policies.
- February 16, 2018
16 Feb'18
Olympic Destroyer malware more complex than first thought
News roundup: The Olympic Destroyer malware is more sophisticated than researchers first thought. Plus, Microsoft looks to change identity management with blockchain, and more.
- February 16, 2018
16 Feb'18
SonicWall spots Meltdown exploits with machine learning tech
SonicWall says its new deep memory inspection technology, which powers the vendor's Capture Cloud sandbox service, can block Meltdown threats and other zero-day attacks.
- February 15, 2018
15 Feb'18
Intel bug bounty programs widened after Meltdown and Spectre
Intel's bug bounty program expanded its scope and rewards for bugs across all Intel products, and the company added a new program for side-channel flaws like Meltdown and Spectre.
- February 14, 2018
14 Feb'18
Microsoft: Windows Analytics can detect Meltdown and Spectre exposure
Microsoft says Meltdown and Spectre vulnerabilities are now being tracked by Windows Analytics, which shows users the update status for CPU microcode and OS patches.
- February 14, 2018
14 Feb'18
Equifax breach worsens, additional consumer data exposed
The Equifax breach compromised even more consumer data, including tax identification numbers, than originally reported. But the credit rating agency didn't disclose the update.
- February 14, 2018
14 Feb'18
Zero-day Telegram vulnerability exploited for cryptomining
Kaspersky Lab disclosed a zero-day vulnerability in Telegram that the security vendor says was abused by Russian cybercriminals in a cryptomining malware campaign.
- February 13, 2018
13 Feb'18
Critical Broadcom flaws discovered in Lenovo ThinkPads
Two critical flaws in Broadcom Wi-Fi chips disclosed last year were thought to affect only Apple and Android devices, but Lenovo now says ThinkPad models are vulnerable, too.
- February 09, 2018
09 Feb'18
Apple's confidential iBoot source code leaked online
News roundup: Apple's highly protected iBoot source code was leaked online. Plus, the U.S. Consumer Financial Protection Bureau stops its Equifax breach investigation, and more.
- February 08, 2018
08 Feb'18
Symantec's untrusted certificates: How many are still in use?
A security researcher found that a significant number of popular websites are still using untrusted certificates from Symantec, which will be invalidated this year.
- February 08, 2018
08 Feb'18
DoJ breaks up Infraud Organization with some help
The U.S. Department of Justice announced the shutdown of the Infraud Organization, which authorities claim is responsible for global cyberfraud losses in excess of $530 million.
- February 07, 2018
07 Feb'18
Grammarly vulnerability exposed user documents
A Grammarly vulnerability in its browser extension authentication could have exposed users' sensitive documents if the popular spelling and grammar checker were left unpatched.
- February 07, 2018
07 Feb'18
Risk & Repeat: Cryptomining malware on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the threat of cryptomining malware is evolving and what it means for enterprises and infosec vendors.
- February 07, 2018
07 Feb'18
Cybersecurity insurance breaks coming for Apple, Cisco customers
Apple and Cisco customers could get lucrative terms for cybersecurity insurance under a new partnership with insurance giant Allianz and global services firm Aon.
- February 05, 2018
05 Feb'18
Cryptojacking malware using EternalBlue to build botnets
Proofpoint researchers discovered a large Monero mining botnet that uses EternalBlue to spread, and it isn't the first time the Windows flaw has been used for cryptojacking.
- February 02, 2018
02 Feb'18
Hackers use ATM jackpotting technique to steal $1M in US
News roundup: Hackers used ATM jackpotting attacks to steal over $1M in the U.S. Plus, a fitness tracking app accidentally exposed the locations of military bases, and more.
- February 01, 2018
01 Feb'18
Meltdown and Spectre malware discovered in the wild
Nearly 140 samples of malware that exploit the Meltdown and Spectre vulnerabilities have been discovered by AV-TEST, but most samples are based on existing proof-of-concept code.
- January 31, 2018
31 Jan'18
Alphabet unveils Chronicle cybersecurity business unit
There is a new moonshot in cybersecurity, and Google's parent company is calling it Chronicle. Alphabet's cybersecurity business unit launched last week and plans on selling cybersecurity services ...
- January 31, 2018
31 Jan'18
Google got faster pulling bad Android apps from Play Store
Google claims it is faster than ever at removing or rejecting bad Android apps from the Play Store before anyone has a chance to install the troublesome app.
- January 30, 2018
30 Jan'18
Critical Cisco ASA vulnerability patched against remote attacks
Experts urge users to patch a new Cisco ASA vulnerability that earned the most critical CVSS score of 10.0 and could lead to remote code execution and denial-of-service attacks.
- January 30, 2018
30 Jan'18
New Comodo CA leadership talks competition, IoT devices
Comodo CA's new chairman Bill Conner and CEO Bill Holtz talk with SearchSecurity about competition in the certificate market and how the internet of things will fuel growth.
- January 30, 2018
30 Jan'18
Microsoft rushes Spectre patch to disable Intel's broken update
Microsoft was forced to release an out-of-band Spectre patch designed not to mitigate the vulnerability but to protect users from Intel's broken fix.
- January 26, 2018
26 Jan'18
Intel Spectre vulnerability memo raises questions of OEM disclosures
Intel first learned of the Spectre vulnerabilities on June 1, but a confidential document shows the chipmaker didn't inform OEM partners until almost six months later.
- January 26, 2018
26 Jan'18
FBI encryption argument draws fire from senator
Sen. Ron Wyden challenged the FBI encryption argument and asked the FBI director to be transparent about claims that lawful access could be provided securely.
- January 26, 2018
26 Jan'18
A series of new IoT botnets plague connected devices
News roundup: New IoT botnets compromise tens of thousands of devices worldwide. Plus, Kaspersky Lab filed an injunction against DHS, mobile POS gets a PCI standard, and more.
- January 26, 2018
26 Jan'18
Blizzard security flaw should put game developers on notice
A newly-discovered Blizzard security bug, which affected all of the company's popular PC games including Overwatch, should serve as a warning for the video game industry.
- January 25, 2018
25 Jan'18
Electron framework flaw puts popular desktop apps at risk
The Electron framework -- used to develop desktop apps using web code -- included a remote code execution flaw that was passed on to popular apps like Slack.
- January 25, 2018
25 Jan'18
Comodo calls out Symantec certificate issues, applauds Google
Bill Conner and Bill Holtz, who recently joined Comodo CA as chairman and CEO, respectively, discuss Symantec's certificate issues and their effect on the certificate market.
- January 24, 2018
24 Jan'18
Risk & Repeat: Backdoor access, strong encryption debate rolls on
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the FBI's continued criticism of encrypted devices and the risks of vendor-created backdoor access points.
- January 23, 2018
23 Jan'18
Gemalto Sentinel flaws could lead to ICS attacks
Security researchers found 14 vulnerabilities in Gemalto Sentinel hardware tokens, which could allow dangerous ICS attacks, including full-system takeover.
- January 23, 2018
23 Jan'18
Intel Meltdown patches pulled with little explanation
Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix and suggests users don't patch for now.
- January 19, 2018
19 Jan'18
Okiru malware puts billions of connected devices at risk
News roundup: Okiru, a new Mirai variant, could put over 1.5 billion devices at risk of a botnet. Plus, G Suite Enterprise now comes with a security center, and more.
- January 19, 2018
19 Jan'18
Trisis ICS malware was publicly available after attack
The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors.
- January 18, 2018
18 Jan'18
The strange case of the 'HP backdoor' in Lenovo switches
Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry.
- January 17, 2018
17 Jan'18
Skygofree Android spyware is a powerful surveillance tool
A new Android spyware tool called Skygofree was described as one of the most powerful surveillance tools and can even capture encrypted messages from WhatsApp.
- January 17, 2018
17 Jan'18
Risk & Repeat: Let's Encrypt certificates offer pros, cons
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Let's Encrypt certificates and weigh the positives and negatives the free certificate authority provides.
- January 16, 2018
16 Jan'18
CIA attributes NotPetya attacks to Russian spy agency
The CIA reportedly concluded that Russia's foreign intelligence agency created and was responsible for the NotPetya attacks against Ukraine in June.
- January 12, 2018
12 Jan'18
Intel Meltdown patch causes issues with Broadwell and Haswell
Customers reported the firmware Intel Meltdown patch caused reboot issues on Broadwell and Haswell chipsets, leading to a patch review by Intel.
- January 12, 2018
12 Jan'18
AMD backtracks on Spectre vulnerabilities, plans microcode updates
AMD initially believed the Spectre vulnerabilities posed "near zero risk" to its chip, but the company this week reversed course and is planning microcode updates for its products.
- January 12, 2018
12 Jan'18
Fancy Bears hackers target International Olympic Committee
News roundup: The hacking group called Fancy Bears claims to have hacked the Olympics again. Plus, a former NSA contractor pleads guilty to stealing government data, and more.
- January 11, 2018
11 Jan'18
WPA3 Wi-Fi protocol aims to improve security in 2018
The new WPA3 Wi-Fi protocol aims to improve security for IoT devices and strengthen password security with protections against brute force attacks.
- January 11, 2018
11 Jan'18
Risk & Repeat: Meltdown and Spectre vulnerabilities shake industry
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the discovery of the Meltdown and Spectre vulnerabilities and their effect on information security.
- January 10, 2018
10 Jan'18
Spectre patches highlight January 2018 Patch Tuesday
Microsoft's January 2018 Patch Tuesday brings Meltdown and Spectre patches to users, except those on AMD chipsets or those with incompatible antivirus.
- January 09, 2018
09 Jan'18
NIST botnet security report recommendations open for comments
Federal agencies opened public comments on a draft botnet security report born from the 2017 White House cybersecurity executive order, and experts are generally favorable.
- January 09, 2018
09 Jan'18
Intel keynote misses the mark on Meltdown and Spectre vulnerabilities
With CEO Brian Krzanich's keynote at the 2018 Consumer Electronics Show, Intel missed an opportunity for the Meltdown and Spectre vulnerabilities.
- January 05, 2018
05 Jan'18
Huge coordinated vulnerability disclosure needed for Meltdown
Unprecedented Spectre and Meltdown CPU flaws required a vast coordinated vulnerability disclosure effort over six months and across dozens of organizations.
- January 05, 2018
05 Jan'18
A DHS data breach exposed PII of over 250,000 people
News roundup: A DHS data breach exposed PII of 250,000 federal employees, as well as investigative data from 2002 to 2014. Plus, a new bill aims to nix paperless voting, and more.
- January 04, 2018
04 Jan'18
Meltdown and Spectre patches and mitigations released
Vendors released the vulnerability disclosures and patches for the new Meltdown and Spectre CPU attacks as the infosec industry begins mitigating risks.
- January 03, 2018
03 Jan'18
Intel CPU flaw gets third-party patch but no details
Release of a third-party patch for a mysterious Intel CPU flaw led to many questions but few answers, and details on the issue may not be imminent.
- January 03, 2018
03 Jan'18
Risk & Repeat: The TLS 1.3 clock continues to click
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the long wait for TLS 1.3 and the effects -- positive and negative -- the delays have had for enterprise security.
- January 02, 2018
02 Jan'18
IOHIDeous is a macOS zero-day for the new year
A newly discovered macOS zero-day flaw, called IOHIDeous, affects all versions of Apple's desktop operating system and can allow for full-system compromise.
- December 29, 2017
29 Dec'17
Browser login managers allow tracking scripts to steal credentials
News roundup: Login managers enable the exposure of user credentials in over 1,000 websites. Plus, Mozilla patched a critical vulnerability in Thunderbird, and more.
- December 29, 2017
29 Dec'17
Official TLS 1.3 release date: Still waiting, and that's OK
Protocol scrutiny is good for the upcoming TLS 1.3 update as the process continues to expose, and fix, problems.
- December 29, 2017
29 Dec'17
Risk & Repeat: Cybersecurity predictions for 2018
In this week's Risk & Repeat podcast, SearchSecurity editors offer their cybersecurity predictions for 2018, including forecasts for cryptojacking, DDoS attacks and other threats.
- December 28, 2017
28 Dec'17
After 2017, data breach fatigue should be a thing of the past
Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings.
- December 27, 2017
27 Dec'17
North Korea's Lazarus Group sets sights on cryptocurrency
Researchers believe North Korean nation-state hackers from the Lazarus Group are targeting cryptocurrency exchanges and owners in a wave of financially motivated attacks.
- December 22, 2017
22 Dec'17
Cryptocurrency exchanges increasingly targeted by cyberattacks
News roundup: Cryptocurrency exchanges are folding because of targeted cyberattacks. Plus, five hackers were arrested in connection with international ransomware attacks, and more.
- December 22, 2017
22 Dec'17
Risk & Repeat: Cryptojacking looms amid the bitcoin boom
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rising threat of cryptojacking and how hackers can steal computing power from unsuspecting users.
- December 20, 2017
20 Dec'17
White House WannaCry attribution leaves unanswered questions
The White House's WannaCry attribution included the broad strokes, experts say, but the case avoided some key pieces of information, such as the role of the NSA in the attacks.
- December 19, 2017
19 Dec'17
North Korea behind WannaCry attacks, White House says
The White House officially said North Korea was behind the WannaCry attacks, and it credited Facebook and Microsoft for work in attribution. But it left questions unanswered.
- December 19, 2017
19 Dec'17
Flawed Keeper password manager preinstalled on Windows 10
Google Project Zero's Tavis Ormandy discovered a flaw in the Keeper password manager browser extension that could allow attackers to steal credentials.
- December 15, 2017
15 Dec'17
Triton framework used in industrial control attacks
Security researchers discovered new ICS attacks using the Triton framework that may have been nation-state-sponsored and intended to cause real-world damage.
- December 15, 2017
15 Dec'17
Half of business leaders admit to hiding data breach information
News roundup: Data breach information is kept from customers 50% of the time, according to a report. Plus, the FBI director continues to preach against encryption, and more.
- December 14, 2017
14 Dec'17
Mirai creators and operators plead guilty to federal charges
The Department of Justice announced guilty pleas from the three Mirai creators and operators behind the massive worldwide botnet DDoS attacks in 2016.
- December 14, 2017
14 Dec'17
Risk & Repeat: The Bitcoin boom and its infosec effects
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent bitcoin boom and how the cryptocurrency's rising value could affect the cybersecurity landscape.
- December 13, 2017
13 Dec'17
Breach awareness low among executives, CA Veracode survey says
According to a new survey from CA Veracode, breach awareness regarding recent major cyber incidents was low among executives, managers and directors, surprising some experts.
- December 13, 2017
13 Dec'17
Return of Bleichenbacher: ROBOT attack means trouble for TLS
A team of security researchers discovered many vendors' TLS implementations are vulnerable to the Bleichenbacher oracle attack, which was first discovered 19 years ago.
- December 12, 2017
12 Dec'17
1.4 billion stolen credentials found on dark web
A massive repository containing more than 1.4 billion stolen credentials was found on the dark web with special features for malicious actors.
- December 08, 2017
08 Dec'17
Emergency Microsoft patch out for Malware Protection Engine
A critical vulnerability found in the Windows Malware Protection Engine required an emergency Microsoft patch, but one expert said Microsoft hasn't handled the announcement well.
- December 08, 2017
08 Dec'17
Hacker behind Uber data breach was paid off through bug bounty
News roundup: The man responsible for the 2016 Uber data breach is a 20-year-old from Florida. Plus, Ethiopia reportedly targeted dissidents with Israeli spyware, and more.
- December 07, 2017
07 Dec'17
Risk & Repeat: Analyzing the accidental data breach
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise of accidental data breaches following a series of enterprise exposures of user data online.
- December 07, 2017
07 Dec'17
Army cyber officer hiring to build the future of warfare
A new initiative plans Army cyber officer hiring over the course of five years, but experts are skeptical it can attract the best candidates away from the private sector.
- December 07, 2017
07 Dec'17
OWASP Top Ten: Surviving in the cyber wilderness
The latest version of the OWASP Top Ten web application risks is much like previous versions, and that's not a bad thing at all.
- December 05, 2017
05 Dec'17
Keyboard data leak exposes millions of personal records
A keyboard data leak by mobile developer Ai.type exposed millions of personal records through misconfigured MongoDB database settings.
- December 05, 2017
05 Dec'17
Apple High Sierra patch undone by macOS update
Apple released a High Sierra patch to fix a serious macOS authentication vulnerability discovered last week, but users could accidentally undo the patch with a routine OS update.
- December 04, 2017
04 Dec'17
Ex-NSA employee pleads guilty to removing classified data
The former NSA employee reportedly responsible for exposing classified data to Russian government hackers pleaded guilty and faces a maximum of 10 years in prison.