Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Although it's important to work with law enforcement after a data breach, organizations need to be careful about what information they share, says attorney Ruth Promislow, partner at Bennett Jones LLP.
Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.
Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.
The recent proposed settlement of a class action lawsuit against health insurer Anthem following a 2015 cyberattack impacting about 79 million individuals is significant for several reasons, says attorney Steven Teppler of the Abbott Law Group, who analyzes the deal.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
As nation-state directed cybercrime increases, the FBI is bringing counter-intelligence expertise to bear in its investigations. Todd Carroll of the FBI's Chicago field office talks about attack trends and the new skills and collaboration needed to stop attackers.
The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.
The Cyber Threat Alliance is developing playbooks that will show organizations how to stop hackers from causing havoc. Alliance President Michael Daniel explains how the playbook could help to disrupt a cyber attacker's business model and processes.
Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
Traditionally in cybersecurity, technology is the central focus. Adversaries act; security controls respond. But Richard Ford of Forcepoint says it is time to change the dynamic with a shift to human-centered security.
The latest ISMG Security Report leads off with a look at the growing industry of mobile spyware designed exclusively for governments, but often misused to track citizens and activists. Also, Australia's push to get allies to adopt tools to counter encryption.
A ransomware attack on a provider of oxygen therapy has resulted in the second largest health data breach posted on the HHS tally so far this year. It's the largest ransomware-related incident listed on the "wall of shame."
Members of Parliament in Britain have had their remote email access suspended following an apparent brute-force hack attempt aimed at exploiting weak passwords to gain access to their accounts. Officials say fewer than 90 email accounts appear to have been breached.