Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.
53 Percent of Enterprise Flash Installs are Outdated
More than half of enterprises are exposing themselves to unnecessary risk by running out-of-date versions of Flash.
Congressman Proposes Organizations Should Be Allowed To 'Hack Back'
Engadget reports: Representative Tom Graves, R-Ga., thinks that when anyone gets hacked — individuals or companies — they should be able to “fight back” and go “hunt for hackers outside of their own networks.” The Active Cyber Defense Certainty (“ACDC”)…
FCC Seeks To Increase ISP Competition In Apartment Buildings
An anonymous reader quotes a report from Ars Technica: Exclusive deals between broadband providers and landlords have long been a problem for Internet users, despite rules that are supposed to prevent or at least limit such arrangements. The Federal Communications…
WikiLeaks Dumps CIA Patient Zero Windows Implant
Pandemic is a Windows implant built by the CIA that turns file servers into Patient Zero on a local network, infecting machines requesting files with Trojanized replacements.
Threatpost News Wrap, June 2, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including the ShadowBrokers crowdfunding attempt, errors in WannaCry, a new WikiLeaks dump, last week’s Samba vulnerability, and the OneLogin breach.
Crowdfunding Effort to Buy ShadowBrokers Exploits Shuts Down
A crowdfunding effort to buy a subscription to the ShadowBrokers’ Monthly Dump Service of stolen exploits and data was shut down citing legal and ethical concerns.
US Senators Propose Bug Bounties For Hacking Homeland Security
An anonymous reader quotes CNN: U.S. senators want people to hack the Department of Homeland Security. On Thursday, Senators Maggie Hassan, a Democrat and Republican Rob Portman introduced the Hack DHS Act to establish a federal bug bounty program in…
Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data
Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recover or destroy stolen data on the attacker’s computer.
Password Breaches Fueling Booming Credential Stuffing Business
The market for automated credential stuffing tools is growing fast, because of a record number of breaches.