Some 4 terabytes of data on over 1.2 billion individuals - including LinkedIn and Facebook profiles - was exposed to the internet on an unsecured Elasticsearch server, according to an analysis by a pair of independent researchers.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Stanislov Lisov, a Russian hacker who helped create the NeverQuest banking Trojan, has been sentenced to four years in federal prison after pleading guilty to one charge.
Watch this live Q&A with Brian Hay, former detective superintendent from the Queensland Police Service and now executive director of Cultural Cyber Security, as he helps organizations understand and develop their business strategies to ensure the highest levels of security.
Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Find out how much money the company is seeking.
The U.S. Federal Reserve is warning that the increasing use of cryptocurrencies known as "stablecoins," without proper safeguards and regulations, could pave the way for crime, including money laundering and terrorism financing.
Dopplepaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.
An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers.
Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn. Other malware trends include stealthy ways to sneak malicious code onto systems - including JavaScript and zipped attachments - as well as the continuing use of exploit kits.
A bipartisan group of eight U.S. senators is urging National Security Adviser Robert O'Brien to appoint a special coordinator to oversee the rollout of 5G cellular networks. The coordinator would address security issues and coordinate the efforts of federal agencies.
Microsoft has outlined its plans for supporting the encryption of Domain Name System queries, which allows for more private internet browsing. The first step will be to upgrade connections to DNS over HTTPS, but allow admins to control DNS settings.
In the wake of Google's plan to buy Fitbit, two U.S. senators have introduced legislation that aims to protect the privacy of consumer health data collected on wearable devices. Meanwhile, a House committee is scrutinizing the healthcare system Ascension's sharing of patient data with Google.
After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services.
Macy's says hackers successfully infiltrated its e-commerce website and planted rogue JavaScript, enabling them to steal customer data, including payment card information. Macy's says the breach has been contained and all stolen card numbers shared with card issuers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
