A U.K. bank says no customers lost money after cyberattackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. Such attacks involve unauthorized tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
Bangladesh Bank, supported by the New York Fed, has filed a lawsuit in U.S. federal court to try to recover $81 million stolen via one of the biggest online bank heists in history. But the Philippine bank the lawsuit targets has dismissed the case as a "political stunt" designed to shift blame.
Apple says it has engineered a server-side fix for a flaw in its FaceTime messaging app and plans to issue a patch for clients this week. The patches will resolve a situation jokingly dubbed "FacePalm" that revealed a bug-reporting gap.
The digital revolution has given healthcare organizations new tools to increase team efficiency and improve their customer experience. But it's also opened up new vectors that cybercriminals can use to attack. As your attack surface expands to infrastructure that you don't own or control, becomes increasingly...
The latest edition of the ISMG Security Report features an update on what U.S. intelligence chiefs told Congress this week about persistent nation-state cyberthreats, plus reports on evasion tactics used by cryptocurrency money launderers and what government CIOs have to say about security funding.
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
The State Bank of India, the nation's largest bank, is investigating an apparent data leak that reportedly exposed information on millions of its customers. Security experts are calling on all banks to improve their server management practices.
Airbus says it suffered a hack attack, leading to a breach of "contact and IT identification details" for at least some of its EU employees. The aerospace giant says its investigation continues and that it has notified European privacy authorities, per GDPR requirements.
Yahoo's proposed settlement for a class action lawsuit must return to the drawing board after a federal judge said a proposal to place $50 million into a settlement fund for breach victims lacked security specifics and awarded excessive attorneys' fees. The case could go to trial.
Sophos is out with new reports on Matrix and Emotet, two different types of cyberattacks that are hitting enterprise defenses. Matrix is a targeted ransomware, an emerging type of attack Sophos expects to gain prominence, and Emotet is malware that has evolved over the years into an opportunistic, polymorphic threat...
Endpoint detection and response tools and other related security technologies are critical weapons for defending against cyberattacks, says Larry Whiteside, the new CISO at Greenway Health, an electronic health records company.
Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.
For decades, IT professionals have been fighting malware, hackers, and other threats. Data protection, confidentiality, integrity and availability have long been threatened not only by amateur hackers, but by profit-oriented, well-organised criminals. Victims can usually only react because many of the usual methods...