Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
A discussion on the latest happenings in the darknet marketplace leads the latest edition of the ISMG Security Report. Also, getting to the bottom of Russia's Democratic Party hack could be the ultimate goal of a lawsuit filed against the Donald Trump presidential campaign.
Ashley Madison wants to put that sordid data breach affair behind it. Parent company Ruby Life has reached an $11.2 million settlement agreement with the plaintiffs behind two dozen U.S. class-action lawsuits - since consolidated - lodged in the wake of its massive 2015 breach.
The plaintiffs who are suing Donald Trump's presidential campaign for conspiring with Russia and WikiLeaks over disclosing their private information stolen from Democratic Party computers could declare a moral victory even if they lose their case. Could exposing the truth be their ultimate goal?
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
New cybersecurity legislation under consideration in Singapore would make it mandatory for owners of critical information infrastructure to report security breaches within hours and require cybersecurity vendors providing highly sensitive services to be licensed.
London-based health insurer Bupa Global is warning international policyholders that a breach affecting 547,000 customers - with data showing up on darknet marketplace AlphaBay for sale - traces to a now-former employee.
Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
Verizon has apologized to customers after a contractor failed to secure an Amazon Web Services S3 bucket, leading to the exposure of data relating to 6 million accounts. But it's unclear if Verizon plans to notify customers whose data and accounts might be at risk.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Trump Hotels is warning customers that payment card data at 14 of its properties was compromised during a seven-month breach that affected service-provider Sabre. Other affected chains include Hard Rock Hotel & Casino and Loews Hotels.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.