Trump said he will raise tariffs on $250 billion in Chinese goods to 30% and hike duties on another $300 billion in products to 15%.Politicsread more
Stocks dropped after Donald Trump ordered that U.S. manufacturers find alternatives to their operations in China.US Marketsread more
Federal Reserve Vice Chair Richard Clarida said Friday that the global economy has deteriorated in the past month.Marketsread more
The latest escalation in the trade war ups the odds the economy will fall into recession and that the Fed will aggressively cut rates.Market Insiderread more
Here are the products that stand to be the most affected by China's new tariffs on $75 billion worth of U.S. goods.Marketsread more
"We don't need China and, frankly, would be far better off without them," Trump tweeted.Politicsread more
"My only question is, who is our bigger enemy, Jay Powell or Chairman Xi?" Trump wrote amid a series of tweets that rattled markets Friday.Politicsread more
"I would love this to be clarified. We come to a deal on trade, boy, this market is up 10 to 15%, but without it's going to be worrisome," Jeremy Siegel says.Marketsread more
The final week of August could be highly volatile as markets fret over the economy and the latest developments in trade wars.Market Insiderread more
Tesla solar energy systems reportedly ignited at an Amazon warehouse in Redlands, California last June, and the Seattle e-commerce titan confirmed that it has no further plans...Technologyread more
The death comes as federal and state health officials investigate a slew of lung illnesses in connection to e-cigarette use.Health and Scienceread more
One year after the massive security flaw, Heartbleed, was revealed to the public, a new study found that up to 74 percent of companies in the Global 2000 are still vulnerable to being hacked via the bug.
The flaw grabbed widespread media attention when it was revealed in 2014, and made countless businesses scramble to fix their servers. But a study released this week by Venafi, a Salt Lake City, Utah-based cybersecurity firm, shows those efforts were not always enough.
Cybercriminals can still exploit the vulnerability to gain usernames and passwords as well as sensitive business and financial data, the study found.
"Heartbleed is still prevalent," said Josh Abraham, vice president of services at Austin Texas- headquartered Praetorian, a cybersecurity company that helps organizations minimize risk. Heartbleed affects OpenSSL, a software which allows websites to communicate information securely over the Internet.
Venafi compared historical vulnerability scans for Global 2000 business over the past year and found that 1,223 companies in the Global 2000 were still potentially vulnerable to the virus. In addition, from August 2014 to April 2015, the scans found only 2 percent more companies (from 387 companies to 419 companies) had completed their Heartbleed fixes.
A separate study by researchers from Northeastern University, Stanford University and University of Maryland released in November also found that more needed to be done by businesses to fix the Heartbleed vulnerability.
In order to fix Heartbleed fully, companies need either to patch or install updated software to their servers, and then change their SSL certificates and private keys, according to Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. (An SSL certificate is a small data file that encrypts data sent over the Internet to keep it secure, and a private key is used to decrypt the data.)
Even once the updated software is installed, companies could be still vulnerable if hackers were able to access the SSL certificate and private key before the vulnerability was fixed.
Another danger of the stolen SSL certificates and private keys is that websites can be spoofed, according to Bocek. Hackers can use the information gained from the Heartbleed vulnerability to set up fake websites that appear to consumers to be real.
"[Full remediation] is taking more time because it's slow to do," said Bocek.
The full dangers of Heartbleed are unknown. While well-known companies have had sensitive information stolen, sometimes in high-profile attacks, determining that a breach was caused specifically by Heartbleed is difficult, said Praetorian's Abraham.
The larger lesson is that businesses need to be better at updating their servers, say cybersecurity experts
"Unfortunately, Heartbleed was just one example of a vulnerability that needs patching and remediation as soon as possible…organizations that don't manage vulnerabilities will fall victim to trivial attacks," said Erik Heidt, a research director for Gartner, a Stamford, Connecticut-based technology research and advisory company.