Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.
Not so long ago, the information network was a tangible entity to manage and secure. Today, in the age of the cloud and connected devices, network security is a whole new creature. Michael DeCesare, CEO of Forescout, discusses how to respond to this evolution.
In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
Faster payments can help to make payments more secure, but they can also raise new security issues. How can those be mitigated? Ed O'Neill of the Federal Reserve provides an update on the activities of two task forces working on this and other issues.
Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.
The recent proposed settlement of a class action lawsuit against health insurer Anthem following a 2015 cyberattack impacting about 79 million individuals is significant for several reasons, says attorney Steven Teppler of the Abbott Law Group, who analyzes the deal.
A senior Russian government official warned that Moscow will retaliate if the Senate moves to ban the use of Kaspersky Lab software by government agencies. Meanwhile, CEO Eugene Kaspersky has repeated his offer to allow U.S. officials to review the company's source code.
The NotPetya outbreak - and XData ransomware before it - have been traced by security researchers at ESET to backdoored M.E. Doc accountancy software. The installed software contains a unique tax identification code for each user's organization, potentially aiding attackers.
Firms in Ukraine and beyond are still struggling to bring all systems back online following last week's devastating "NotPetya" malware outbreak. Authorities in Ukraine have blamed Russia, and said criminal charges could be filed against a Ukrainian software vendor caught up in the attack.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
As the WannaCry outbreak demonstrated, many organizations run outdated operating systems. Too often when systems - and especially embedded devices - still function, there isn't a convincing business case for upgrading. ESET's Mark James asks: Whose fault is that?
As nation-state directed cybercrime increases, the FBI is bringing counter-intelligence expertise to bear in its investigations. Todd Carroll of the FBI's Chicago field office talks about attack trends and the new skills and collaboration needed to stop attackers.