Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
The House began debate Wednesday on legislation that would require companies that own or operate parts of the nation's critical infrastructure to report a cyberattack or breach within 72 hours of confirmation.
After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest multispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.
Users of OpenSea, a marketplace for blockchain-based digital assets such as crypto collectibles and non-fungible tokens, are being targeted by scammers pretending to be the company's support staff on Discord. The attackers exploited a method OpenSea uses to service support tickets on Discord.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
Local officials with the city of Rolle, located near Lake Geneva in Switzerland, have acknowledged that they initially misjudged the impact of a recent ransomware attack that reportedly led to the leak of residents' data on the darknet.
Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.
Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. But an "absence of evidence" of a data breach in a ransomware attack isn't sufficient to declare that no data was taken.
The latest edition of the ISMG Security Report features an analysis of the cybercrime-as-a-service model and how law enforcement could potentially disrupt it. Also featured: T-Mobile probes a massive data breach; tackling abuse in the workplace.
T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million. Also revised upward: its count of 40 million exposed credit applications from former customers and prospects.
In recent years, benefits like agility and elasticity have driven rapid adoption of cloud-native applications in the financial services industry. However, moving to cloud and multicloud deployments brings security and compliance issues to the forefront, especially when it comes to customer data. Protecting data...