A recently uncovered point-of-sale malware called "ModPipe" is targeting Oracle software used by thousands of restaurants and other businesses in the hospitality industry, according to researchers at ESET. This backdoor can then steal sensitive data, such as cardholder names.
An unauthorized person apparently gained access to a database of insurance software firm Vertafore and compromised the driver's license information of over 27 million Texans. Security analysts say a misconfigured database is the likely culprit.
Despite a Thursday deadline that would have forced China-based ByteDance to shut down its TikTok video-sharing app in the U.S., the Commerce Department will allow the company to continue its American operations for now as various court cases continue.
The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
A House of Representatives staff report concludes that existing technology and infrastructure could be used to allow lawmakers to securely cast their votes remotely during the COVID-19 pandemic. But some Republicans question whether remote voting is, indeed, feasible.
A German appeals court has slashed by 90% the $11 million General Data Protection Regulation fine levied last year against 1&1 Telecom by the nation's federal privacy watchdog over call center data protection shortcomings. Experts say the case is a reminder that all GDPR fines can be appealed.
Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says.
Two senior U.S. Department of Homeland Security officials have been forced to resign, and a senior cybersecurity official fears he will be fired by the Trump administration, according to news reports. The moves have raised questions over U.S. stability during the transition period to President-elect Joe Biden.
The Muhstik botnet, which has been operating for at least two years, has recently started targeting vulnerabilities in the Oracle WebLogic application server and the Drupal content management system as a way to expand its cryptocurrency mining capabilities, according to security firm Lacework.
Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Information Security Media Group's members-only CyberEdBoard CISO community has opened its doors, giving senior cybersecurity practitioners a private ecosystem to exchange intelligence, gain access to critical resources and enhance personal career capabilities in collaboration with peers around the world.
Palo Alto Networks plans to acquire security startup Expanse in an $800 million deal. It will integrate Expanse's attack surface monitoring technology into its Cortex product suite.
Twenty financial institutions are collaborating to identify how machine learning can be used to detect synthetic ID fraud, says Greg Woolf, CEO at the security firm FiVerity.
Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet.
A recently uncovered phishing campaign is using a spoofed U.S. Internal Revenue Service domain and social engineering techniques in an attempt to trick targeted victims into sending money to fraudsters, according to researchers at Abnormal Security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.