The company's S-1 lays the groundwork for what is widely expected to be one of the largest initial public offerings of the year, second only to Uber's IPO in May. It's also...Technologyread more
Fraud investigator Harry Markopolos' accusations extended beyond GE's management to actuaries, auditors and analysts who he claims overlooked billions in liabilities.Marketsread more
Trump's tweet comes a day after Apple put out a press release describing the money it spends on U.S.-based suppliers and vendors.Technologyread more
CNBC combed through Wall Street research to see which stocks are still a buy after their earnings reports.Marketsread more
President Donald Trump held a call on Wednesday with the CEOs of three major U.S. banks, according to people with knowledge of the situation.Marketsread more
Despite aggressive strides, Waymo needs one thing before their self-driving cars become a seriously useful transportation system: people. We talked to the ones closest to it.Technologyread more
Scientists say the smoke plumes, filled with megatons of tiny, harmful particles, could travel to other areas of the world and cause serious respiratory problems for people.Weather & Natural Disastersread more
Some Weight Watchers loyalists applaud Kurbo by WW. But nutritionists worry Kurbo promotes an unhealthy relationship with food during an especially impressionable time.Health and Scienceread more
Benefits from what President Trump called "the biggest reform of all time" to the tax code have dwindled to a faint breeze just 20 months after its enactment, writes John...Politicsread more
Epstein, 66, was found in his cell in Manhattan federal lockup Saturday morning and transferred to a nearby hospital, where he was subsequently pronounced dead.Politicsread more
Air travelers faced delays at U.S. airports on Friday afternoon after a computer issue snarled processing of international arrivals.Airlinesread more
Hackers have successful exploited a major security flaw known as the Shellshock bug which has allowed them to hijack an internet server, cyber experts told CNBC.
The Shellshock bug creates a vulnerability in Bash – a software that controls the command prompt on many computers running the Unix operating system – which includes Linux operating systems, Apple OS X and some internet-connected devices such as home routers.
The command prompt is integral to the running of these devices and is behind simple tasks such as opening up an application.
It comes as experts warn that Shellshock has the potential to be more dangerous than the Heartbleed bug discovered in April. Heartbleed was found in OpenSSL software—an encryption service used by around two-thirds of websites to protect information sent to and from web pages – and enabled people to steal an individual's online credentials
Kaspersky Lab researcher Stefan Ortloff told CNBC the security company had identified "malicious attacks" by hackers who had exploited the Shellshock vulnerability to take over a web server. They then used this web server - which is used to host websites - to hijack another one.
Ortloff said this meant the hackers did not leave a trace: "They always use another hacked server to stay anonymous".
The Shellshock bug meant that hackers have the potential to take down more websites through denial-of-service attacks, or target unsuspecting users with malicious viruses, he warned. Kaspersky Lab declined to disclose the servers affected due to client confidentiality.
'Tip of the iceberg'
Other cybersecurity firms have also reported related attacks. London-based Digital Shadows, which tracks cyber-attacks in real time, told CNBC it had noted that the Bash vulnerability was being exploited.
"Many researchers have confirmed that it should be theoretically possible to create a worm that jumps from device to device. The evidence shows this is being exploited already and in an automated way," Digital Shadows CEO, Alistair Paterson, said by email.
Downloading updates – or "patches" - is the way to protect against malicious attacks. Only a handful of developers have released Shellshock-related patches to date, and experts warned that many internet-facing devices might not have regular updates, causing vulnerability to further attacks.
"We have only seen the tip of the iceberg so far," Kasper Lindegaard, head of vulnerability intelligence specialist Secunia, said by email, adding that only the most obvious attack methods had been used so far.
- By CNBC's Arjun Kharpal