A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.
Kenneth Schuchman, the alleged author of a supercharged variant of Mirai malware called Satori, has been rearrested for violating his bail conditions. In what may be a coincidence, security researchers say a Satori botnet went dormant following Schuchman's arrest, only to be reawakened later.
One of the co-authors of the devastating Mirai botnet malware has been sentenced to home incarceration and community service, and ordered to pay $8.6 million in restitution, for his role in a series of damaging distributed denial-of-service attacks that disrupted operations at Rutgers University.
IBM plans to acquire enterprise Linux open source software provider Red Hat in a "hybrid cloud" deal valued at $33 billion that IBM CEO Ginni Rometty promises will be a "game changer." Market watchers say IBM has been struggling to find new revenue growth opportunities.
In the wake of a breach at Hong Kong's Cathay Pacific airlines that involved unauthorized access to personal details on 9.4 million passengers, security experts are weighing in on factors that might have contributed to the incident. So far, the airline has provided only sketchy details.
Good news for anyone whose data has been crypto-locked by attackers wielding GandCrab, the year's most aggressive strain of ransomware: You may be able to get your data back, thanks to a free decryptor.
British Airways has discovered that hackers compromised payment card data and personal details for 185,000 more customers than it had originally suspected and that its systems were first breached not in August, but April. The airline now counts 429,000 data breach victims.
Australian police have charged a woman in the theft of AU$450,000 (US$318,000) worth of the virtual currency XRP, also known as Ripple, in one of the largest cryptocurrency thefts from a single victim. The case highlights how basic security messaging on protecting cryptocurrency isn't getting through.
Digital transformation is putting tremendous pressure on IT security. Whether it's discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web application security, IT security priorities do not have to be at the mercy of digital business initiatives.
Hong Kong-based airline Cathay Pacific says the personal details of 9.4 million passengers were inappropriately accessed in March, a breach the company confirmed in early May but publicly revealed on Wednesday. That raises questions about whether the airline violated data breach disclosure regulations.
Facebook has been slammed with the maximum possible fine under U.K. law for "a very serious data incident" that exposed an estimated 87 million Facebook users' personal details to political campaign influence firm Cambridge Analytica.
A coding error in a portal of the Employee Retirement System of Texas inadvertently allowed some users to view the information of others, potentially exposing information on 1.25 million of its members. Why are breaches involving coding mishaps so common?
A proposed agreement that would settle a class action suit against Yahoo over devastating data breaches could see the company pay as much as $85 million. That adds to the $35 million fine levied by the SEC earlier this year, showing the high price to be paid for Yahoo's record data breaches.
Two years after Mirai botnets first appeared, security researchers say telnet-targeting botnets are attempting to compromise internet of things devices by pummeling them with 1,065 different username/password combinations. Some of these attacks are designed to install Linux DDoS malware.
Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach. Now that the insurer has agreed to a $16 million HIPAA settlement with federal regulators, who spelled out the company's security shortcomings, it's worth scrutinizing the value of adopting a framework.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.