Data Breach Today

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

Equifax Negotiates Potential $700 Million Breach Settlement

Data Breach Today

Deal Prepped With Feds and State Attorneys General Includes Victim Compensation Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit.

FTC Reportedly Approves $5 Billion Facebook Fine

Data Breach Today

Settlement Stems From Cambridge Analytica Incident After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

Groups 277

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Despite BlueKeep Warnings, Many Organizations Fail to Patch

Data Breach Today

Payment Fraud: Criminals Enroll Stolen Cards on Apple Pay

Data Breach Today

Fraud Fighters Also See Spikes in ATM Malware, Card Enrollment as a Service Fraudsters continue to get new tricks up their sleeves.

235
235

Phishing Scheme Targets Amex Cardholders

Data Breach Today

Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.

MongoDB Database Exposed 188 Million Records: Researchers

Data Breach Today

Data Apparently Originated in a GitHub Repository Security researchers have found yet another unsecured database that left personal data exposed to the internet.

Data 241

Moving From Vulnerability Management to Vulnerability Response

Data Breach Today

Syra Arif of ServiceNow on Essential Steps Shifting from vulnerability management to vulnerability response is becoming increasingly important, says Syra Arif of ServiceNow, who describes three essential steps

245
245

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

British Airways Faces Record-Setting $230 Million GDPR Fine

Data Breach Today

GDPR 247

Patient Record Snooping Incident Leads to GDPR Fine

Data Breach Today

GDPR 205

Second Florida City Pays Up Following Ransomware Attack

Data Breach Today

After Struggling With Recovery, City Negotiates a Ransom Payment A second small city in Florida is paying off cybercriminals to recover from a ransomware attack that crippled the municipality's local network. How much did Lake City agree to pay, and how much of that was covered by insurance

Phishing Campaign Tied to Amazon Prime Day

Data Breach Today

Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers. The campaign is similar to an earlier attack that focused on Apple users

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

UpGuard: Unsecured Amazon S3 Buckets Exposed 1TB of Data

Data Breach Today

Cloud-Based Databases Belonged to IT Firm Attunity Several unsecured Amazon S3 buckets belonging to IT services firm Attunity left at least 1TB of data, including files from companies such as Netflix, TD Bank and Ford, exposed to the internet, UpGuard researchers disclosed.

Cloud 252

Unsecured Database Leaves 8.4TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4TB of email metadata.

Ex-Equifax CIO Gets 4-Month Prison Term for Insider Trading

Data Breach Today

Ransomware: As GandCrab Retires, Sodinokibi Rises

Data Breach Today

Ransom Payments to Crypto-Locking Malware Extortionists Are Surging With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn.

Instagram Shows Kids' Contact Details in Plain Sight

Data Breach Today

Sharing Email Address, Phone Numbers May Be Risky, Experts Say Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome.

Tesla Vulnerability: A Bounty Hunter's Tale

Data Breach Today

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from former federal advisers Richard Clarke and Robert Knake on cyber resilience

Researchers Disclose Vulnerability in Siemens' ICS Software

Data Breach Today

Patch Issued in Light of Concerns Over Stuxnet-Like Attack Against Industrial Systems Researchers at the security firm Tenable uncovered a vulnerability in a Siemens software platform used to manage industrial control systems, and Siemens has issued a patch.

BEC Scams Cost U.S. Companies $300 Million Per Month: Study

Data Breach Today

Treasury Department Says an Average of 1,100 Businesses Scammed Each Month Business email compromise scams are surging, and they're costing U.S. companies a total of more than $300 million a month, according to a recently released analysis by the U.S. Treasury Department.

Study 194

Facebook Takes Down Pages Loaded With Malware

Data Breach Today

Campaign Targeted Those Interested in Libyan Politics Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims.

Privileged Attack Vectors: Key Defenses

Data Breach Today

Access 256

Leak Confirms Google Speakers Often Record Without Warning

Data Breach Today

The Cost of 'Smart Home AI Assistants': Humans Review Audio of What People Say George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize

IT 215

Automated Peril: Researchers Hack 'Smart Home' Hubs

Data Breach Today

Vulnerabilities Found in APIs Controlling Croatia-Based Zipato's IoT Devices Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices.

IoT 232

DDoS Attacker Austin 'DerpTrolling' Thompson Gets Sentenced

Data Breach Today

Defendant Pleaded Guilty to Disrupting Sony Online Entertainment and Others A distributed denial-of-service attacker who crashed a popular gaming service at Christmas has been sentenced to serve 27 months in prison.

231
231

Marriott Faces $125 Million GDPR Fine Over Mega-Breach

Data Breach Today

Breach Persisted 4 Years - and Through Acquisition - Before Being Discovered Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016.

GDPR 218

Apple Issues Silent Update to Remove Old Zoom Software

Data Breach Today

Rare Move Made to Protect Against Future Exploitation Apple has taken an extraordinary move to protect its users from a yet-to-be-disclosed vulnerability that could compromise Macs that have the Zoom video conferencing software installed.

Video 213

Chinese Hackers Play Operator With Global Telcos

Data Breach Today

Hackers Slurp $500,000 Through 7-Eleven Mobile Payment App

Data Breach Today

Poor Password Reset Process Proves Too Convenient, as 900 Customers Affected Hackers appear to have accessed a new mobile payment app for 7-Eleven customers in Japan, taking about $500,000 from 900 customers over several days.

Unsecured Database Leaves 8.4 TB of Email Metadata Exposed

Data Breach Today

Shanghai Jiao Tong University Has Since Locked-Down Elasticsearch Server A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4 TB of email metadata.

Audit Finds More Security Vulnerabilities at IRS

Data Breach Today

GAO Makes More Security Recommendations; IRS Now Has 127 Issues to Resolve The Internal Revenue Services' internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to a U.S.

How to Block Advanced Threats

Data Breach Today

Focus on 'Total Cost of Control,' Says BlackBerry Cylance's John McClurg After years of organizations being stuck in a reactive security posture, proactive prevention is finally possible thanks to machine learning backed by AI math models, says BlackBerry Cylance's John McClurg

How To 245

Ex-NSA Contractor Harold Martin Hit With 9-Year Sentence

Data Breach Today

Pleaded Guilty to Stealing Files From NSA, CIA, US Cyber Command Former government contractor Harold Thomas Martin III has been sentenced to serve nine years in federal prison after he pleaded guilty to stealing and retaining classified and secret files and data from U.S.

Wipro Attack Tied to Larger Phishing Campaign: Analysis

Data Breach Today

Malware on the High Seas: US Coast Guard Issues Alert

Data Breach Today

Phishing Attack Against International Vessel Triggers Maritime Warnings The U.S. Coast Guard has issued an alert about an increase in malware attacks targeting the networks of commercial vessels. It's warning ship owners to take more cybersecurity precautions

Crime Gang Advertises Stolen 'Anti-Virus Source Code'

Data Breach Today

Researchers: 'Fxmsp' Russian Hacking Collective Exploits Victims Via RDP and Active Directory The "Fxmsp" hacker collective has been advertising source code that it claims to have stolen from three top U.S.

Access 285