Equifax says that its digital forensic investigators have found that while its tally of 145.5 million U.S. breach victims hasn't changed, more of them had their email addresses, tax identification numbers and driver's license information exfiltrated.
More than 4,200 websites, some belonging to the U.S., U.K. and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware.
DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What lessons can be learned from the latest attacks? Dennis Birchard of Akamai shares insights on the attacks and the newest defenses.
Leading the latest edition of the ISMG Security Report: England's Court of Appeal rejects U.S. extradition request for suspected hacker Laurie Love. Also, what took Uber and Partners Health so long to come clean about their respective data breaches?
Illegal transactions on the internet have long been conducted in the cryptocurrency bitcoin. But underground vendors are accepting new kinds of virtual currency that may be safer to store and offer more privacy protections, according to a new study of 150 dark web markets and forums.
Google is prepping its Chrome browser to brand as "not secure" every site a user tries to visit that does not use HTTPS encryption by default. The move is meant to push more sites to use HTTPS to secure communications and help block eavesdropping and man-in-the-middle attacks.
Do healthcare entities face a growing risk of being hit with cryptocurrency mining attacks, which have become more common in other sectors? A Tennessee hospital may be the first victim in the sector, and some security experts predict many more such incidents.
The U.S. Department of Justice, in one of its biggest-ever cybercrime disruptions, shuttered the Infraud Organization, an online forum prosecutors tied to $530 million in losses. Thirteen suspects - in Australia, France, Italy, Kosovo, Serbia, the U.K. and the U.S. - have been arrested.
Uber CISO John Flynn tells a U.S. Senate subcommittee that the company should have told the public sooner about its 2016 data breach. He says the company's attempt to position its $100,000 payoff to hackers as a bug bounty was not appropriate.
Rachael Stockton of LastPass says that 81 percent of breaches are caused by weak or reused passwords. So, is it time to take a hard look at password management and consider adding some technology to the practice?
A malware incident at Partners HealthCare that was detected last spring but was only recently determined to have exposed patient data illustrates that confirming a data breach through a forensics investigation can be difficult and time-consuming.
A hacking team dubbed "Group 123" with apparent ties to the government of North Korea has been exploiting a zero-day vulnerability in the Flash browser plug-in, likely to hack high-value targets. Adobe has released an emergency Flash update with security fixes. Or organizations could simply stop using Flash.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
As banks in the U.S. and Australia grapple with how to effectively launch faster payments, more will turn to big data and machine learning to help better manage expected upticks in fraud, says cybersecurity specialist John O'Neill Jr. of DarkTower.
The Department of Justice has charged two men, arrested in Connecticut near the scene of a jackpotting attack against a drive-up ATM, with bank fraud stemming from a malware attack. Police say they recovered $9,000 in $20 bills, as well a black box and other equipment from the suspects' car.