Expect the recently leaked database containing over 200 million Twitter records to be an ongoing resource for hackers, fraudsters and other criminals operating online, experts warn. Though 98% of the email addresses have appeared in prior breaches, bad actors can merge databases and do more damage.
Cybercriminals are becoming bolder in their attacks on healthcare entities and in how they're compromising patient data - and that's a very worrisome trend, says Nicholas Heesters of the Department of Health and Human Services' Office for Civil Rights.
Coinbase agreed to a $100 million settlement with the New York financial regulator on Wednesday over cybersecurity lapses and failure to comply with anti-money laundering guidelines that allowed criminals to use the platform for fraud, money laundering and other illicit activities.
A class action lawsuit against LastPass alleges that a data breach in August resulted in the theft of $53,000 in bitcoin. An unnamed plaintiff alleges that negligence in the password management company's data security practices led to the Thanksgiving weekend theft.
Authorized payment scams are on the rise, and banking regulators are putting pressure on financial institutions to do more to protect customers. The biggest challenge is that the customers are driving the process, says Bradley Haacke, vice president and financial crimes director at Fifth Third Bank.
The latest edition of the ISMG Security Report analyzes why Meta has agreed to pay $725 million to settle a class-action lawsuit over users' personal data, how the median stock price dropped 40% among publicly traded security firms in 2022, and why an infrastructure change is needed in SOCs.
Ransomware attacks and ransom demands ramped up in 2022, making resiliency the operative word. But as we head into 2023, speed of recovery is the new #1, says Andrew Stone of Pure Storage. He discusses strategies before, during and after attacks.
A member of a criminal data breach forum that tried to sell the email addresses of 400 million Twitter users to CEO Elon Musk last month has now posted the stolen data for anyone to download for free. The 63GB of data includes names, handles, creation dates, follower counts and email addresses.
Hundreds of U.S. counties continue to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records. The attack slowed the processing of birth certificates, marriage licenses and real estate transactions.
Acquiring Area 1 Security has allowed Cloudflare to extend its network protection capabilities from DDoS attacks to phishing emails, says co-founder and CEO Matthew Prince. Area 1's technology means customers will enjoy a better rate of detection with fewer false positives than legacy offerings.
Rail and locomotive company Wabtec Corp. notified customers about a data breach that exposed some individuals' personal and sensitive information. Ransomware-as-a-service group LockBit posted the data on its leak site after the company refused to pay a $30 million ransom.
Arizona has long been a leader in leveraging IT and providing digital services, but across the state and country alike, new challenges are emerging in the wake of the pandemic, and with them come new threats and risk factors, including remote work security, says Ryan Murray, deputy state CISO.
Britain's The Guardian newspaper has asked staff to continue working from home until Jan. 23 as the company continues to resolve issues with its network, which was compromised by ransomware hackers in December. The attack affected on-premises infrastructure but left cloud-based systems unscathed.
The U.S. attorney in New York has established a task force to trace and recover funds missing from FTX and manage probes related to the firm's collapse. The team comprises prosecutors with expertise in securities and commodities fraud, money laundering and asset forfeiture and cybersecurity.
Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.