Known losses due to business email compromise have exceeded $12.5 billion worldwide, the FBI's Internet Complaint Center reports, adding that fraudsters are increasingly targeting the U.S. real estate sector with such scams.
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.
Magecart, the criminal group behind the recent data breach at certain Ticketmaster websites, may have also hit the company's sites in Australia, New Zealand, Turkey and Hungary, according to RiskIQ, which says the group's digital payment card skimmers may also affect as many as 800 other e-commerce sites.
Timehop, an application that revives older social media posts, says the lack of multifactor authentication on a cloud services account led to a data breach affecting 21 million users. The breach exposed names, email addresses, phone numbers and access tokens Timehop used to read information from accounts.
Every day, as employees routinely use applications and share data, they leave behind an invisible "access footprint" - credentials and connections to other systems. These are the basic tools - keys - that advanced
attackers use once inside your network to move from their initial point of entry to their targets. The...
When should a technology or security leader get involved in M&A? The short answer: as early as possible. Security
really should play a prominent role before, during, and after the acquisition activity.
Download this eBook to learn more about:
High-profile incidents of cyber disruption during M&A;
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.
A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.
It's a fair question: Can you trust the fraud advice you're given from a former fraudster? Especially one who's betrayed law enforcement before? Brett Johnson says he's abandoned crime for good, and he shares insight on the types of fraud schemes he once practiced.
The U.K. has approved a plan to build a cutting-edge court complex in London designed to handle cybercrime, fraud and economic crime. The facility is expected to be a growth driver for the country's legal industry, despite the U.K.'s pending withdrawal from the European Union.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.
Ransomware alone cost organizations an estimated $1 billion in 2016, up from $24 million in 2015 and there is no end in sight for 2017! Ransomware, business email compromise, and spearphishing are serious problems that can steal your data, intercept funds, and disable access to your organization's network.