Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing campaigns. One targets Amex users while the other targets Netflix customers. Both campaigns reportedly are very well-crafted, featuring legitimate logos and even fill-in forms that closely mimic those on the respective company's own websites.

Microsoft has been urging customers to upgrade from its Windows 7 operating system, while attempting to ease the transition with several options for extended support. It will stop providing routine fixes and security patches effective January 2020. Regular support for Windows Server 2008 also will end at that time. Windows 7 enterprise customers can subscribe to Extended Security Updates.

Following a natural disaster that causes property damage to businesses and homes -- say a hurricane, fire or flood -- how often do you hear suggestions that the victims were at fault for their misfortune, or that they could have done something to prevent the event from occurring in the first place? Not often, right? We all know that events like that are possible. We plan around those possibilities, and we don't blame the victims.

A new cryptovirus called "B0r0nt0K" has been putting Linux and possibly Windows Web servers at risk of encrypting all of the infected domain's files. The new ransomware threat and the ransom of 20 bitcoins -- about $75,000 -- first came to light last week in a forum post. A client's website had all its files encrypted and renamed with the .rontok extension appended to them, the forum user indicated.

JPMorgan Chase on Thursday announced that it has created and successfully tested a digital coin. Each JPM Coin represents $1 in funds held in designated accounts at JPMorgan Chase N.A. The token was created using Quorum, a variant of Ethereum developed by JPMorgan Chase, to enable instantaneous payment transfers between its clients' institutional accounts.

The e-ticketing systems of eight airlines, including Southwest Airlines and Dutch carrier KLM, have a vulnerability that can expose passengers' personal data, mobile security vendor Wandera has reported. They use unencrypted links that hackers can intercept easily. The hackers then can view and, in some cases, even change the victim's flight booking details, or print their boarding passes.

There's been a lot of hype about blockchain over the past few years. Nowadays though, there are signs that we may be on the cusp of moving from the "blockchain will solve all your problems" segment of the hype cycle into the "blockchain may be useful for a few targeted applications" segment. Utility-based Darwinism is at work -- we're starting to see the less likely applications fall away.

A new year means a fresh start, but it doesn't mean that old threats will go away. In fact, in the world of cybersecurity things could get far worse before they get better. Cybercrime continues to increase, as it allows nefarious actors to operate at a safe distance from victims -- and more importantly, law enforcement. Cybercrime often doesn't get the same attention as other types of crimes.

BlackBerry this week introduced its new Security Credential Management System. SCMS -- a free service for the public and private sectors -- could encourage efforts to develop autonomous and connected vehicle pilot programs. BlackBerry undertook development of this technology to provide the critical infrastructure for vehicles and traffic lights to exchange information securely.

Supermicro CEO Charles Liang has informed the company's customers that a leading third-party investigations company found "absolutely no evidence of malicious hardware" on its motherboards. The investigation was undertaken in response to a recent claim that bad actors had inserted spy chips in the firm's motherboards on behalf of the Chinese People's Liberation Army.

The DoJ has revealed an unsealed indictment of eight defendants for crimes related to their involvement in widespread digital advertising fraud. The DoJ alleges the eight individuals were behind two global schemes, 3ve and Methbot, which stole tens of millions of dollars through a scam that used fake Web traffic and fake websites to reap ad view revenue from unwitting advertisers.

Cybersecurity has been becoming a larger and larger concern for organizations. Nowadays, most organizations -- regardless of size, industry, location, or profit vs. nonprofit status -- find themselves directly or indirectly impacted by cybersecurity. Even though the topic itself is increasing in importance, many smaller organizations don't have specialized security expertise on staff.

An apparent prefix leak from an errant router misconfiguration caused Google to lose control of several million of its IP addresses for more than an hour on Monday. During the event, Internet traffic was misrouted to China and Russia from Nigeria. The incident initially sparked concerns that it might have been a hijacking. The mishap made Google services unavailable to many users intermittently.

Hackers planted malware on StatCounter to steal bitcoin revenue from Gate.io account holders, according to Eset researcher Matthieu Faou, who discovered the breach. The malicious code was added to StatCounter's site-tracking script last weekend, he reported. The malicious code hijacks any bitcoin transactions made through the Web interface of the Gate.io cryptocurrency exchange.

We made it. The holiday shopping season is here once again! This is a great opportunity for you as an e-commerce retailer. If you're like many other merchants out there, the run-up to Christmas is one of the most profitable, and busiest, times of the year. You may need some extra help to handle the surge in traffic and maximize your return. That means hiring seasonal employees.

Theresa Payton, CEO of Fortalice Solutions, is one of the most influential experts on cybersecurity and IT strategy in the United States. She is an authority on Internet security, data breaches and fraud mitigation. She served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff.

Markets grow at the margins. This bit of sage advice was given to me at the start of my analyst career, and it has kept me in good nick for nearly two decades. Of course the focus has drifted over time but that's the point: The CRM market has evolved, and the job of an analyst is to make sense of the evolution. Oracle OpenWorld 2018 held in San Francisco this week is a laboratory for the margin.

When we write the history of the IT era, the big factor that has played an important but not well recognized role will be hardware -- specifically, the Oracle Exadata appliance that puts databases into memory. All of the cloud software starting with the autonomous database on view this week at OpenWorld would be vastly different if the database was still running primarily on disk drives.

Independent software vendors, along with Internet of Things and cloud vendors, are involved in a market transformation that is making them look more alike. The similarities are evident in the way they approach software security initiatives, according to a report from Synopsys. Synopsys has released its ninth annual Building Security in Maturity Model, or BSIMM9.

As if e-commerce companies didn't have enough problems with transacting securely and defending against things like fraud, another avalanche of security problems -- like cryptojacking, the act of illegally mining cryptocurrency on your end servers -- has begun. We've also seen a rise in digital credit card skimming attacks against popular e-commerce software such as Magento.

Every child who's ever played a board game understands that the act of rolling dice yields an unpredictable result. In fact, that's why children's board games use dice in the first place: to ensure a random outcome that is -- from a macro point of view -- about the same likelihood each time the die is thrown. Consider what would happen if someone replaced the board game's dice with weighted dice.

There is a well-known joke among security professionals: Q: "What does IoT stand for?" A: "Internet of Threats." Sadly, this joke is our reality. An estimated 20.4 billion Internet of Things devices will be deployed by 2020, according to Gartner, in what some have dubbed "the fourth industrial revolution." These connected devices are being manufactured to streamline everything we do.

Microsoft has torpedoed websites designed to steal credentials from visitors to two Republican Party think tanks. The malicious websites were among six the company took down last week. A group of hackers affiliated with the Russian military created the sites, according to Microsoft. It apparently was the same group that stole a cache of email from the DNC during the 2016 presidential campaign.

The healthcare cloud has been growing incredibly, becoming an ever-more-important element of health information technology, or HIT. There are many reasons why the HIT cloud has been becoming more prominent, such as research and development and collaboration. Since the cloud has been expanding so rapidly, this may be a good time to reconsider security.

There's a lot of hype around artificial intelligence as the greatest thing since sliced bread, but will AI really help with cybersecurity? Criminals who run cybercriminal businesses also are capable of using the AI to commit crimes. It's logical that if one person is smart enough to develop cyberprotection technologies that utilize AI, then thoughtful, creative criminals can use it too.

"If you think about Internet threats like phishing and botnets and malware -- all of those start with a DNS -- a domain name system. And so every kind of nefarious act leaves footprints and fingerprints in the DNS. That's something that cannot be faked," said Farsight Security COO Alexa Raad. For example, "a lot of the new domain names that are registered are typically registered with bad intent."

If you're a technologist, you've probably noticed a few new things associated with Chrome 68's release last month. One of the more notable changes is that it now uses a "not secure" indicator for any site not using HTTPS. So instead of providing a notification when a site is HTTPS, it now provides the user with a warning when it isn't. One of those groups is users of government websites.

A computer virus over the weekend disrupted the operations of the Asian manufacturer that makes chips for the iPhone and other devices offered by top shelf high-tech companies. TSMC said that a virus outbreak Friday evening affected a number of computer systems and fab tools at its facilities in Taiwan. The incident likely will cause shipment delays and create additional costs.

Worldwide spending on blockchain will hit $1.5 billion this year -- twice as much as in 2017 -- and it will total nearly $12 billion in 2022, according to IDC. The technology is expected to have a five-year compound annual growth rate of 73.2 percent. Cross-business collaboration and interoperability have emerged as key aspects in the technology's growth.

DHS has announced the National Risk Management Center, part of a new effort to combat cyberthreats to the U.S. The new agency's mission will be to defend the critical infrastructure through greater cooperation between the public and private sectors. The center will bring together government experts and industry partners to work out ways that the government can support the partners.