This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.
Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. They describe seven essential components for building an effective data breach response playbook.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
Google has directly warned more than 12,000 users across 149 countries that they have been targeted by government-backed hackers. Google says the attack attempts occurred in the third quarter of this year and targeted users of such services as Gmail, Drive and YouTube.
Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services.
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable" information security practices, a federal judge has ruled. But he dismissed the plaintiff's attempt to receive monetary compensation for the breach.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.
An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year. This includes exposing critical infrastructure, including nuclear facilities, to outside hacking and attacks.
An unidentified strain of malware appears to have infected point-of-sale machines used at certain New York restaurants owned by the chain Catch. The malware exposed customer payment card data to hackers, the company says.
With the California Consumer Privacy Act set to go into effect Jan. 1, 2020, companies are making last-minute compliance preparations. But these preparations are challenging because regulations to carry out the law are still pending and ambiguities remain. Here's a look at three issues.
The FCC voted unanimously Friday to ban telecommunications companies from using FCC funds to buy equipment from Chinese manufacturers Huawei and ZTE because they pose a "national security threat." Also under consideration is a plan to rip and replace equipment from the firms.
Virtual Care Provider Inc., which provides cloud hosting and other services to more than 110 healthcare entities, including nursing homes and assisted living facilities, is struggling to bounce back from a ransomware attack in which hackers demanded a $14 million ransom.