The attorney general of Pennsylvania has filed a lawsuit against Uber for allegedly violating the state's mandatory breach notification law. It's the latest in a long string of legal and regulatory repercussions Uber is facing after waiting more than a year to disclose a serious breach.
Anyone who dined out at one of 166 Applebee's restaurants in 15 states may have had their payment card details compromised by point-of-sale malware infections that began in November 2017, RMH Franchise Holdings warns.
The U.K.'s National Cyber Security Center and Australian Cyber Security Center are using the "Have I Been Pwned" breach-monitoring service to centrally monitor for email addresses registered to government domains that appear in data breaches.
Equifax has identified 2.4 million U.S. consumers whose names and snippets of their driver's license numbers were stolen, adding to one of the worst breaches in history, which resulted in personal data for most U.S. adults being exposed.
Digital certificate vendor Trustico is facing a new crisis after a researcher tweeted about an apparent root-level access flaw in the company's website. The alert comes after Trustico's CEO admitted that his company was archiving private keys for digital certificates.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments. How can deception technology offer a new alternative? Ofer Israeli of Illusive Networks explains.
Now that the Supreme Court has declined to review a case stemming from a 2014 cyberattack on CareFirst Blue Cross Blue Shield, what comes next? Attorney Patricia Carreiro analyzes the potential implications for the class-action lawsuit filed after a breach that affected 1.1 million individuals.
A new strain of the Petya ransomware called "Bad Rabbit" is impacting business and sweeping across Russia and Ukraine, among other Eastern European countries. Like many of the other ransomware outbreaks, understanding fact from fiction is the first step in staying safe.
An analysis of a massive 8.8 GB trove of files containing usernames and plaintext passwords suggests hundreds of services may have experienced unreported or undiscovered data breaches. Data breach expert Troy Hunt says the trove of 80 million records appears to contain fresh data.
Interest in deception technology is growing because it can play a valuable role in improving intrusion detection, says Anton Chuvakin of Gartner, who explains the intricacies of the emerging technology in an in-depth interview.
The U.S. Securities and Exchange Commission has released revised guidance "to assist public companies in preparing disclosures about cybersecurity risks and incidents." It includes new prohibitions on trading in corporate shares after a breach has been discovered but before investors have been notified.
Is your organization prepared for GDPR? The GDPR goes into effect this year on May 25th, 2018! It still remains to be seen exactly how it will be enforced and what specific measures organizations must take to comply. What is clear, however, is that personal data must be protected or severe penalties may be imposed....
Leading the latest edition of the ISMG Security Report: The Department of Justice indicts Russians for allegedly running an industrialized troll factory designed to influence U.S. politics. Also, a feature in Australia's new real-time payment system could be abused by identity thieves.
Want to meddle with a democracy? Just use its social media outlets against it to amplify already existing social divisions. That's the quick take on the indictment recently unsealed by Special Counsel Robert Mueller that accuses Russians of running an "active measures" campaign against the United States.