The glaring privacy issues tied to an online health and beauty retailer allows customers to log-in to their user accounts with just their email address – no password needed.

The global outbreak of the Petya/ExPetr malware wasn’t a ransomware attack, it was wiper malware aimed to sabotage, according to experts.

Ubuntu fixed a Linux bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload this week.

Researchers at Kaspersky Lab have discovered an error in the ExPetr ransomware code that prevents recovery of lost data.

Microsoft is warning customers of an “important” update to its Azure AD Connect service that could allow for an elevation of privilege attack against affected systems.

Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.

HackerOne released its first report on its bug bounty program, and reveals an industry shift toward enlisting hackers for better cybersecurity.

Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week

The FBI’s Internet Crime Complaint Center (IC3) identified ransomware as one of 2016’s top threats, but a relatively small number of attacks were reported.

Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab’s latest report, WannaCry hitting Honda, GhostHook, and Fireball.