Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
A 31-year-old Maryland man will serve time in prison for his leadership role in a business email compromise scheme that netted him and five others $4.2 million from 13 victims over a two-year period.
The FBI is largely failing to notify cybercrime victims of their rights in a timely manner following a "cyber intrusion," a new report from the U.S. Justice Department's inspector general finds. At times, small errors, such as typographical mistakes, can cause long delays in the notification process.
Security researcher Zammis Clark, who pleaded guilty to hacking Microsoft - with an accomplice - and later Nintendo, as well as stealing data and uploading malware to Microsoft's network, has received a suspended sentence.
Legislation introduced last week would give the U.S. Senate's sergeant at arms responsibility to help secure the personal devices and online accounts used by senators and their staff to help ward off cyberattacks and other threats.
Toyota Motor Corp. has reported its second data breach in the past five weeks. The latest incident, revealed Friday, may have exposed data on as many as 3.1 million customers.
What are the most common causes of major health data breaches that have been added to the official federal tally so far this year? Read this analysis to find out the details.
How well can banking institutions apply the right amount of security to the right transactions at the right time? Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey.
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
Analyst turnover is a pervasive problem for the cybersecurity industry. Mike Armistead, CEO of Respond Software, sees robotic decision automation as a solution.
Because of the wealth of personal information available on the dark web, breach detection and remediation are more urgent than prevention and protection, says Nick Hayes of IntSights.
The advent of IoT devices and IT/operational technology integration have dramatically expanded the attack surface. And as a result, the definition of threat intelligence is changing, says Vishak Raman of Cisco.
The ISMG Security Report features Chris Painter, commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections. Plus, an update on the cost of the Norsk Hydro ransomware attack and the challenges of controlling real-time payments fraud.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.