As bitcoin continues its massive price fluctuations, a new report says criminals have continued their push to get extortion and ransom payments in more stable cryptocurrencies. But bitcoins remain a top target for hackers, who most often choose to directly target cryptocurrency exchanges.
PageUp, an HR software developer in Australia with clients worldwide, is warning that malware-wielding attackers may have accessed a raft of personal data stored in its systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February.
The U.S. Treasury Department announced Monday that it has imposed sanctions on five Russian organizations and three individuals, the latest move by the Trump administration in response to Russian cyberattacks.
South Korean cryptocurrency exchange Coinrail says hackers stole 30 percent of all of the cryptocurrency tokens it was storing, but many have been successfully frozen or recalled. Security experts say cryptocurrency exchanges remain poorly secured, so they're popular targets for hackers.
The Department of Homeland Security has issued two more alerts about cyber vulnerabilities in certain medical devices. The stream of recent advisories is helping to draw more attention to the importance of addressing device security. But healthcare providers face the challenge of tracking and mitigating all risks.
One day, organizations may be able to self-certify their GDPR compliance, says an official at the U.K.'s data privacy regulator. Regardless, experts recommend that organizations ensure they are focusing on continuous GDPR compliance and regularly testing their data breach response plans.
The era of the underground marketplace may be ending as concerns over law enforcement infiltration rise, says threat intelligence company Digital Shadows. Cybercriminals' deals are shifting toward encrypted chat and other decentralized services, the company says.
Leading the latest edition of the ISMG Security Report: Our exclusive report on an Australian criminal investigation into a company that apparently swiped cryptocurrency using a software backdoor. Also, cutting through the hype on artificial intelligence and machine learning.
Australian HR service provider PageUp, which serves a variety organizations worldwide, says malicious software on its systems may have compromised client data as well as usernames and passwords. PageUp believes systems that store documents, resumes and employment contracts are not affected.
Since its inception the NIST Cybersecurity Framework has been embraced across geographies and sectors. Trend Micro's Ed Cabrera talks about how to maximize the framework as a baseline for improving cybersecurity posture.
Companies offering cybersecurity products are using the terms "artificial intelligence" and "machine learning" in many different ways. But the real meanings of the terms are far more nuanced than marketing hyperbole would lead us to believe, says Grant Wernick of Insight Engines.
The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.