About 54,000 Australian driver's licenses were exposed in an open Amazon Simple Storage Service bucket, according to a security researcher. It remains unclear what entity or agency exposed the data and whether those affected will be notified.
Security professionals are expressing surprise that email service provider Sendgrid did not have multifactor authentication in place to protect its customer accounts, which may have enabled the compromise of a large number of accounts, followed by the sale data on the darknet.
He'd worked at NASA, Visa and Time Warner and stepped in at Home Depot after it was hacked in 2014. But nothing quite prepared Jamil Farshchi for the spotlight he'd face when he took over as CISO at Equifax after its massive 2017 data breach. He discusses how the Equifax security organization has rebounded.
The latest edition of the ISMG Security Report analyzes the unusual case against former Uber CSO, Joe Sullivan, who was charged in connection with allegedly covering up a data breach. Also featured: CISA director on election security; insights on preventing healthcare fraud.
Federal prosecutors have charged Uber's former CSO, Joe Sullivan, with covering up a hack attack and data breach. It's apparently the first case that involves attempting to hold a security officer personally responsible for a breach - beyond simply being fired. Is this the start of a trend?
A South Dakota agency, one of 200 law enforcement agencies affected by the so-called "BlueLeaks" hacking of a web development firm in June, has disclosed that COVID-19 patient information was leaked.
Freepik Co. says an SQL injection attack led to the leak of 8.3 million email addresses and 3.7 million hashed passwords for users of its Freepik graphic resources app and Flaticon icon database platform.
The U.S. Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers.
Marriott faces another lawsuit, filed in Britain, over the breach of its Starwood guest reservation system. The breach ran from 2014 to 2018 - Marriott acquired Starwood in 2016 - and exposed personal information for an estimated 7 million customers in the U.K.
Twitter's communication with the public in the wake of a recent hacking incident provides lessons to others on the value of an incident response plan, says attorney Sadia Mirza.
Building Cyber Operational Agility into Federal IT
As the Continuous Diagnostics and Mitigation (CDM) program matures, it requires a new way of thinking. While agencies will continue to buy tools to fill gaps in their defenses, they need to start thinking about how those tools fit into their larger cybersecurity...
The Senate Intelligence Committee Tuesday released its fifth and final report on Russia's attempts to influence the 2016 election, providing more details on how Russian hackers resided on Democratic National Commitee servers for months and citing shortcomings in the FBI's investigation.
Two recent ransomware incidents that targeted companies serving healthcare organizations highlight an emerging vendor risk management challenge in the sector.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Organizations in all sectors need to take a more deliberate approach to incident response, says Kelvin Coleman, executive director of the National Cyber Security Alliance, who offers guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
