To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline. Port officials say the attacker has demanded a ransom, payable in bitcoin, for the promise of a decryption key.
One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data. The brewery refused to pay the attackers' two-bitcoin ransom demand.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. Small-to-midsized ones are particularly challenged to detect and respond to these threats.
The expense and challenge of maintaining in-house cybersecurity resources are just too great for many...
On May 25, 2018, per the General Data Protection Regulation (GDPR), organizations with business ties to the European Union needed to comply with GDPR standards. The cost of non-compliance is stiff fines. The GDPR contains nearly 100 separate and nuanced articles that can be difficult to understand even if you are a...
IT teams at regional banks and credit unions are stretched thin. They're expected to meet compliance obligations while simultaneously taking care of cyberthreats. This is particularly true for mid-sized institutions without resources dedicated to security or compliance, putting them at risk.
What options do...
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
The cost of the city of Atlanta's mitigation and subsequent IT overhaul following a massive SamSam ransomware infection in March could reach $17 million, of which $6 million has already been budgeted for new devices, security enhancements as well as upgrades, according to news reports.
Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.
Weapons and attack capabilities that were previously only observed in large-scale nation-state operations are now falling into the hands of the masses. Today's attackers are more sophisticated, and capable of exploiting weaknesses at previously unseen speed and scale.
Download this white paper and learn:
A financial services company with responsibility for protecting sensitive customer data lacked centralized visibility into alerts, had limited expertise to triage, prioritize, and escalate incidents, and spent significant time generating customized financial compliance reports.
After deciding not to build their own...