The fallout from the 2015 TalkTalk hack continues as a 22-year-old U.K. man was sentenced to jail Monday for his role in the attack and other cybercrimes, including an attack against his former school.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
What are the top trends shaping the rising tide of financial fraud in 2019, and what can security professionals expect in the months and years to come? Trace Fooshee of Aite Group discusses changes in the fraud landscape.
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Microsoft is warnings about a large-scale spamming campaign hitting several countries in Europe, with the attackers using an old Office exploit to send emails to victims that contain malware in RTF attachments.
The White House budget chief is seeking to delay a ban on the U.S. government using products manufactured by Huawei. In a letter to Vice President Mike Pence, Russell T. Vought, the acting director of the Office of Management and Budget, says organizations need more time to switch suppliers.
A new botnet called GoldBrute is actively scanning the internet and using brute-force methods to attack 1.5 million Windows machines that have exposed Remote Desktop Protocol connections, according to research from Morphus Labs. The goal of group controlling the botnet is not clear.
Federal prosecutors brought racketeering and other charges against four people, including one U.S. citizen, related to Darkode, a notorious online forum that specialized in buying and selling of malware and other hacking tools. Law enforcement closed the site nearly four years ago.
A month after Baltimore's IT network was hit with the RobbinHood ransomware variant, officials believe the May 7 attack will cost $18 million, which includes recovering and restoring computer systems as well as lost municipal revenue.
Organizations and their applications are under attack from automated bots and bad actors. And many of these attacks are undetectable by conventional security technologies. How can organizations detect and prevent this activity? Carl Gustas of Cequence Security shares insights.
Australian National University has detected a data breach that resulted in the copying of "significant amounts" of staff and student data stretching back 19 years. The intrusion began in late 2018 and was detected on May 17.
The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns.
Anyone looking for clarity on whether Special Counsel Robert Mueller believes President Trump is innocent of committing any crimes came away empty-handed from Mueller's press conference Wednesday, when he declined to exonerate the president. But Mueller again accused Russia of attempted election interference.
Reports that the city of Baltimore was attacked using a vulnerability in Windows originally stockpiled by the National Security Agency have triggered a blame game. Cybersecurity watchers are debating attacker culpability, patch management prowess and zero-day stockpiling.
Moody's has changed its financial outlook for Equifax to "negative" from "stable," reflecting concerns about how the credit reporting giant is recovering from the 2017 data breach that exposed the personal information of 148 million Americans.