APIs are exposing a lot of business logic to exploitation, says Shreyans Mehta, co-founder & CTO and Cequence Security, who offers insights on enhancing API security.
An alleged hacker who's accused of breaching the now defunct Ticketfly site in 2018 and exposing the personal information of about 27 million account holders has been indicted on a federal extortion charge, according to court documents filed by the FBI.
Walgreens' mobile app inadvertently disclosed personal messages to other customers due to an internal application error, revealing some health-related information. The company did not say how many people were affected.
Facebook recently investigated suspicious content meant to support U.S. presidential candidate Sen. Bernie Sanders but was unable to substantiate involvement by Russians or supporters of President Donald Trump, The Wall Street Journal reports.
The FBI has arrested a suspect who's charged in connection with waging distributed denial-of-service attacks against the campaign website of an unsuccessful 2018 Democratic candidate for the U.S. House in California.
Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid.
Mobile banking customers are being targeted by yet another SMS phishing campaign, according to new research from IBM X-Force. This time, however, in addition to trying to steal usernames and credentials, the attackers are also attempting to install Emotet malware.
A newly identified hacking group has been targeting gambling companies in Asia, the Middle East and Europe, using backdoors to steal source code and other data, according to new research from security firm Trend Micro.
Unpatched Fortinet, Palo Alto and Pulse Secure VPN servers, as well as Citrix gateways, continue to be targeted by hackers, who are exploiting critical flaws to install backdoors inside corporate networks. Security firm ClearSky warns that apparent Iranian APT attackers are the latest to join the fray.
Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.
The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.
Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security. The thefts were part of a malvertising campaign that had been active for at least a year, the researchers say.
MIT security researchers have published a paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 midterm elections. But the maker of the app contends the research is flawed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.