Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
A 31-year-old Maryland man will serve time in prison for his leadership role in a business email compromise scheme that netted him and five others $4.2 million from 13 victims over a two-year period.
The FBI is largely failing to notify cybercrime victims of their rights in a timely manner following a "cyber intrusion," a new report from the U.S. Justice Department's inspector general finds. At times, small errors, such as typographical mistakes, can cause long delays in the notification process.
An "Asian female" has been arrested for attempting to access President Donald Trump's Mar-a-Lago club while he was staying there, claiming she wanted to use the pool. Prosecutors say the apparent Chinese national was carrying a USB thumb drive containing "malicious software" - and had no swimsuit.
How can an enterprise without a traditional perimeter understand and defend against orchestrated attacks designed to evade detection? JP Blaho of NETSCOUT Arbor offers insights on how to gain visibility.
In addition to relying to heavily on anti-virus and anti-malware tools, small and midsize enterprises lack the resources or expertise to catch new and sophisticated forms of attacks, says Dell's Brett Hansen, who offers strategic insights.
How do machine learning, threat intelligence and advanced analytics blend together to form agile and accurate fraud prevention? Avner Gideoni of IBM Security's Trusteer division explains the concept of "laser-cut fraud prevention."
Using artificial intelligence and machine learning in cybersecurity has pitfalls, says McAfee's Steve Grobman, who describes appropriate steps to take.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Alert fatigue is a major challenge, and the ability of SOC teams to be proactive is hamstrung by the fact that they spend a lot of their time in doing repetitive work, says Cody Cornell of Swimlane, who advocates broader use of orchestration and automation.
Taking a workflow-driven approach is critical to successfully embrace security automation, orchestration and response - or SOAR - technologies, says Dan Sarel of Demisto.
It's becoming increasing important to detect adversaries that have bypassed your security controls and moved laterally in your environment, says Carolyn Crandall of Attivo Networks, who describes the role deception can play.
Security ratings and the analytics they provide give businesses a unique insight into their security performance and posture in relation to their peer group.
A small Michigan medical practice that plans to permanently shut down in the wake of a recent ransomware attack is an example of the devastation that can result from a serious cyberattack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
