One of the largest fines to date for violating the EU's General Data Protection Regulation has been announced by Germany's federal privacy and data protection watchdog, the BfDI, against 1 & 1 Telecommunications, in part for inadequate authentication mechanisms. The company plans to appeal.
CISOs need to begin investigating the use of quantum-proof cryptography to ensure security is maintained when extremely powerful quantum computers that can crack current encryption are implemented, says Professor Alexander Ling, principal investigator at the Center for Quantum Technologies in Singapore.
Internet crime has grown so rapidly that law enforcement is outpaced. Here's the story of how a Manhattan doctor lost $200,000 in an internet scam, and why he's struggling to get law enforcement's attention.
Security experts speaking on the ending "locknote" panel at this year's Black Hat Europe highlighted trends from the conference, including the rise of fuzzing, simplification via the cloud, increasing vendor transparency as well as the industry too often still failing to focus on the basics.
Applying offensive hacking expertise and a more adversarial mindset to better hone not just network defenses but also public policy is proving effective, says Jeff Moss, founder and creator of the Black Hat conference.
Organizations that suffer a security incident must be prepared to rapidly respond. Here are eight incident response essentials they must follow, from executing their breach response and notifying stakeholders to activating external service providers and working with regulators.
This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.
Researchers uncovered an unsecured database belonging to TrueDialog, a business SMS texting solutions provider, which exposed data on millions, including text messages, names, addresses and other information, according to a report by VPNMentor researchers. The database has since been closed.
Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. They describe seven essential components for building an effective data breach response playbook.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
Although many governments have adopted "Cloud First" strategies with respect to their modernization efforts, are they transitioning to the cloud using "Cloud Smart" strategies? Recent findings from the 2019 Unisys Cloud Success Barometer survey shows that 23% of government have embraced multi-cloud solutions,...
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.