The intersection of fraud and identity has never been more important, says Mary Writz, vice president of product management, ForgeRock. She discusses the benefits of bringing these traditionally separate departments together to fight fraud and how to handle budgets and metrics across the two teams.
A popular line of portable electrocardiographs contains vulnerabilities that allow hackers to execute commands and access sensitive information, federal authorities warn. Device manufacturer Hillrom Medical has released a patch and coordinated disclosure with CISA.
"Credential phishing is off the charts," says Tonia Dudley of Cofense. She discusses the challenge for organizations to strike a balance between having the right controls in place to block malicious emails and stopping the business from receiving legitimate emails.
Former ISACA board chair Rob Clyde shares highlights from ISACA's "Supply Chain Security Gaps: A 2022 Global Research Report," in which 25% of respondents say they experienced a supply chain attack last year, and offers recommendations for assessments and testing of software.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
Having to decide whether to pay a ransom to cybercriminals is a decision no one wants to make. But Gartner's Paul Furtado and Hearing Australia CISO Daniel Smith say practitioners should stay objective and leave the decision - and the subsequent moral implications - to the business.
In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino of PNC Bank join ISMG editors to discuss the many new privacy laws in the U.S., current ransomware and scam trends, and handling the potential corporate risk of sharing information on social media.
A publicly traded issuer of home mortgages is notifying 1.5 million consumers of a December cyber incident on its network that leaked PII, including customers' Social Security numbers. Flagstar Bank discovered the breach on June 2 and there has been no evidence of data misuse so far.
Belgian and Dutch police with the support of Europol dismantled an organized crime gang involved in carrying out phishing, money laundering and other scams. Nine suspects are in detention after stealing several million euros, authorities say.
A proposed federal class action lawsuit alleges that Facebook is unlawfully collecting "millions" of individuals' information from the websites and patient portals of "hundreds" of medical providers without the knowledge and consent of patients.
Insurance claims being filed by ransomware victims are growing as criminals continue to hit businesses with crypto-locking malware. To avoid these claims, organizations can take a number of proven steps to better protect themselves, says Payal Chakravarty of Coalition.
Ten years from now, "the ability to transact on a global basis will continue," says Nick Coleman, CSO, real-time payments at MasterCard, who adds, "Maybe my car will buy stuff for me." Coleman discusses the future of digital payments and the technologies that can help secure that future.
Indian hyperlocal logistics provider Grab says it wasn't hacked by a Malaysian hacktivist group. DragonForce Malaysia posted last Saturday on Twitter and Telegram the purported details of Grab delivery personnel. The group is amid an active campaign dubbed OpsPatuk against Indian targets.
The overlying problem in cybersecurity is scale and the complexity that comes from that scale, says Philip Reitinger, president and CEO of the Global Cyber Alliance. He says we need to simplify how we defend ourselves and "give individuals and companies products that meet them where they are."
Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit. The breach, which the credit union group first disclosed in 2019, traced to a "malicious" insider who for 26 months had been selling personal details for 4.2 million active customers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.