Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov. 4.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance?
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
The federal tally of major health data breaches has spiked over the last month, mostly because of the American Medical Collection Agency incident, which led to nearly two dozen breach reports from the firm's affected clients.
Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network. TechCrunch, which first reported on the development, says many of the exposed phone numbers can be tied to Facebook IDs and remain accurate.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Recently, the FDA was forced to recall a series of insulin pumps because of cybersecurity vulnerabilities that could have left the devices open to hackers. Jesse Young of QED Secure Solutions, one of the researchers who discovered this vulnerability, discusses key medical device security issues.
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.
The battle between Huawei Technologies and the White House continues to intensify, with the Chinese manufacturing giant accusing the U.S. of "using every tool at its disposal" to disrupt its business, including cyberattacks and employee intimidation.
An extraordinary iPhone hacking campaign revealed by Google last week may be linked to other Android spying campaigns focused on websites related to the Uyghurs, a Chinese Muslim minority group, and the East Turkistan region of China, according to new research from Volexity.
Deploying deception technology can give organizations a leg up when it comes to more quickly spotting and responding to data breaches, provided they configure and utilize the technology appropriately, says Rocco Grillo of the consultancy Alvarez & Marsal.
Nation-state actors, cybercriminals, hacktivists - each of these adversaries poses threats to enterprises. But how can organizations prioritize the threats and respond based on business risks? Craig Harber of Fidelis Cybersecurity discusses advanced threats and how to raise the bar on response.
Providence Health Plan says some of its members were among the nearly 3 million individuals affected by a data breach revealed by health plan administrator Dominion National in June. What lessons are emerging from that security incident and others involving third parties?
Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.