Travel industry software giant Sabre has alerted hotels that its software-as-a-service SynXis Central Reservations system - used by more than 36,000 properties - was breached and payment card data and customers' personal details may have been stolen.
In the wake of fraud reports, Blowout Cards has issued a security alert to customers, warning that an attacker hacked its website and installed a PHP file designed to skim payment card details at the time of purchase.
Free advice for breached businesses: Once you admit that you've suffered a data breach or that you're investigating a security incident, disseminate that message far and wide so no one can accuse you of trying to cover it up. That's the lesson from an incident at BlowOut Cards, a sports card trading site.
So-called "trust attacks" aren't waged for financial gain. They're waged to compromise data, data integrity and to expose sensitive information. Why Darktrace CEO Nicole Eagan says trust attacks will be among our greatest IoT worries in 2017.
Gov. Susana Martinez has signed legislation making New Mexico the 48th state to enact a data breach notification law. Alabama and South Dakota remain the only states without a data breach notification statute.
Intercontinental Hotels Group says that in addition to 12 hotels that it directly manages suffering a point-of-sale malware outbreak that began in 2016, 1,200 IHG-branded franchise hotel locations in the United States were also affected.
Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought. It also disclosed a fresh attack in January that exposed names, contact information, email addresses and purchase histories.
IT security leaders deploy enterprise data loss prevention (DLP) for three major use cases: regulatory compliance, intellectual property protection and increased visibility into how users treat sensitive data. New research evaluates DLP products for these three use cases, based on nine critical...
You can lessen your organization's risk of experiencing a damaging cyber incident or data breach with effective Threat Lifecycle Management. Although internal and external threats will exist, the key to managing their impact within your environment and reducing the likelihood of costly consequences is through faster...
Organizations can no longer rely simply on signature-based scanning of machines to identify malware. Polymorphic malware takes on an infinite number of forms; and has a purpose in mind that always involves taking something from you.
This whitepaper explores how one organization used a comprehensive approach to...
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. Also, how sound waves pose a threat to IoT devices, smartphones and medical devices.
New Mexico lawmakers have overwhelmingly approved the Data Breach Notification Act. If signed, as expected, by Gov. Susana Martinez, Alabama and South Dakota would be the only states without such a statute.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Payment-terminal maker VeriFone Systems says that attackers managed to access its corporate network in January, but that the intrusion and related breach was limited, has been contained and that any fallout appears to be minimal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.