The steady stream of new reports about years-old breaches continues as Imgur, the popular photo-sharing service, belatedly warns that it suffered a breach in 2014 that compromised 1.7 million users' accounts.
Uber's tardy data breach notification - one year after the incident occurred - has trigged fresh questions about how quickly companies should come clean after they suffer a cybersecurity incident.
Like its mythological namesake, the source code for Zeus malware appears to be immortal. New variants continue to surface, including the Terdot banking Trojan, which is also designed to steal email and social networking credentials while remaining hidden.
A presentation on new models to battle email phishing leads the latest edition of the ISMG Security Report. Also, did Uber mishandle ransomware response?
HyphBot botnet malware is forcing infected PCs to sneakily view high-priced video ads, allowing fraudsters to reap upwards of $1.3 million in daily ad spending, a Danish advertising technology firm warns. The scheme highlights the challenges facing online advertisers seeking legitimate viewers.
Give crooks credit for topicality: They remain loathe to miss a trick. Indeed, hardly any time elapsed after Uber came clean about the year-old breach it had concealed before crack teams of social engineers unleashed appropriately themed phishing messages designed to bamboozle the masses.
Britain's data privacy watchdog has launched a probe of the massive 2016 data breach suffered by Uber. More than 12 months after the breach, the ride-hailing service is scrambling to notify 57 million individuals across multiple countries that their personal details were exposed.
Uber paid hackers $100,000 to keep quiet about a 2016 breach that exposed 57 million accounts belonging to customers and drivers, Bloomberg reports. But was the payment a bug bounty, as Uber has suggested, or really an extortion payoff and hush money?
U.S. prosecutors have unsealed an indictment against an Iranian man charged with trying to extort entertainment company HBO for $6 million in bitcoins. The case marks a rare public naming of someone accused of cyber extortion, which poses an increasing risk for all organizations.
U.S. government agencies now find themselves having to comply with Binding Operational Directive 18-01 to enhance email and web security. What are the immediate tasks? Patrick Peterson of Agari offers insight and advice.
We all see the headlines about high-profile breaches that started because of a phishing exploit. But how severe is the global email infiltration problem? Patrick Peterson of Agari offers insight and advice.
With a rise in incidents of omnichannel financial fraud globally, financial institutions need to enhance their ability to detect fraud - while also reducing technical complexity. Maxim Shifrin of IBM Trusteer discusses new solutions.
Several significant pending legal cases, including the CareFirst lawsuit, showcase the cybersecurity challenges facing the healthcare sector, says attorney Lisa Rivera in an in-depth interview.
Move over Equifax. There's a massive new data breach notification in town. And Uber is still struggling to come clean about why it waited for one year to notify data breach victims and regulators.
A House committee is urging HHS to act soon on a recommendation made by its cybersecurity task force: Develop a description of the cyber risks of components of medical devices. But a task force member says Congress should be pressing HHS to take action on all of the panel's recommendations, not just one.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.