The level of integration that third-party vendors and services have in the enterprise environment is introducing risks vectors that are not well understood, says Trustwave's Edwin Lim.
Kaspersky Lab has discovered a new form of malware it calls Dark Tequila that has been targeting users in Mexico and stealing bank credentials and other personal and corporate data. The malware can move laterally through a computer while it's offline, says Dmitry Bestuzhev, a Kasperksy researcher.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
A lawsuit accuses Google of "the surreptitious location tracking of millions of mobile phone users." The legal action was sparked by a report demonstrating that some Google apps tracked and time-stamped users' locations even if a user deactivated the "location history" setting.
With the U.S. midterm elections approaching fast, Microsoft says it's seized six domain names tied to "Fancy Bear," a hacking team widely believed to be part of Russia's military intelligence agency, amplifying concerns that Moscow's election interference efforts continue.
Upcoming enterprise IoT ecosystems and conventional OT networks share similar security challenges, and as the two converge, organizations need to re-evaluate core security processes, says Richard Bussiere of Tenable Network Security.
The growing use of multiple cloud services in enterprises is creating new security challenges, says Cisco's Harry Dogan, who shares common mistakes and fixes.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
A messy insider incident - allegedly involving an elected official in Wisconsin who is suspected of installing keylogging software to inappropriately access county systems over a five-year span - has impacted more than 258,000 individuals.
A federal judge in California has given final approval to a $115 million settlement involving health insurer Anthem over its 2015 data breach. The settlement is the largest ever reached in a data-breach related class action suit, but most victims will see no money.
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
An Australian teenager was such a fan of Apple that he hacked into the technology giant's mainframe, according to media reports. The teen has pleaded guilty to stealing 90 GB of sensitive information. But Apple says no customers' personally identifiable information was exposed.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.