Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable" information security practices, a federal judge has ruled. But he dismissed the plaintiff's attempt to receive monetary compensation for the breach.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.
The notorious Joker's Stash carder marketplace has a fresh listing for payment card data that appears to have been stolen from four different U.S. restaurant chains, security experts warn.
An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year. This includes exposing critical infrastructure, including nuclear facilities, to outside hacking and attacks.
An unidentified strain of malware appears to have infected point-of-sale machines used at certain New York restaurants owned by the chain Catch. The malware exposed customer payment card data to hackers, the company says.
The FCC voted unanimously Friday to ban telecommunications companies from using FCC funds to buy equipment from Chinese manufacturers Huawei and ZTE because they pose a "national security threat." Also under consideration is a plan to rip and replace equipment from the firms.
Looking ahead to 2020, Barracuda has just released a new report that outlines the four main types of spear phishing attacks, including business email compromise - and the business impact of these strikes. Michael Flouton of Barracuda shares insight.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Stanislov Lisov, a Russian hacker who helped create the NeverQuest banking Trojan, has been sentenced to four years in federal prison after pleading guilty to one charge.
This edition of the ISMG Security Report features an analysis of the very latest ransomware trends. Also featured: Discussions of Microsoft's move to DNS over HTTPS and strategies for tackling IoT security challenges.
Doppelpaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.
Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn. Other malware trends include stealthy ways to sneak malicious code onto systems - including JavaScript and zipped attachments - as well as the continuing use of exploit kits.
Macy's says hackers successfully infiltrated its e-commerce website and planted rogue JavaScript, enabling them to steal customer data, including payment card information. Macy's says the breach has been contained and all stolen card numbers shared with card issuers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.