Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
Apple and Google have released new APIs designed to support contact-tracing apps being developed by governments to help combat the COVID-19 pandemic. Already at least three U.S. states and 22 countries have expressed interest in using the APIs to build their apps.
Bank of America disclosed this week that some customers' data may have been exposed during the uploading of loan applications related to the Paycheck Protection Program - a U.S. government initiative created to provide business loans during the COVID-19 pandemic.
A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say.
Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S. sailors at a military base in Pensacola, Florida, the Justice Department continues to criticize Apple's refusal to offer law enforcement a backdoor to its encrypted devices.
Business and security leaders accept that a hybrid workforce is the new norm - some staff members based in a central office and many others permanently working at home. But what new cybersecurity demands does this strategy present short-term and into 2021? Our expert panel shares insights.
Covve Visual Network Ltd., a Cyprus-based app developer, acknowledges that it's the owner of 90GB of data - including tens of millions of records - that apparently was left exposed on an open Elasticsearch database. A portion of the data was posted on a forum for trading data leaks.
Besides hospitals and academic institutions, dozens of nonprofits, including nongovernmental organizations - or NGOs - around the world must protect their COVID-19 research and related activities from those seeking to steal data or disrupt their operations, says cyber risk management expert Stanley Mierzwa.
As COVID-19 rages and technology firms race to develop contact-tracing apps and other digital tools to help contain the spread, congressional Democrats have followed Republicans in introducing privacy legislation aimed at protecting consumer data collected during public health emergencies.
Australia's Parliament passed a new law on Thursday to deal with a range of legal and privacy concerns arising from its quickly developed contact-tracing app, COVIDSafe. Misusing data and other offenses could garner a five-year prison sentence.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
For many organizations, digital transformation arrived over a weekend in March. Now they look ahead and wonder "what next?" re: authentication, privacy and third-party risk. In a webinar preview, RSA CTO Zulfikar Ramzan shares his vision of cybersecurity in 2021.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.
The Federal Trade Commission is assessing whether to make changes to a seldom-used, decade-old health data breach notification rule for certain technology vendors that do not fall under the umbrella of HIPAA.
After offering three large databases of compromised user data for sale on the darknet last week, a hacking group known as Shiny Hunters now is trying to sell four additional databases of information apparently gathered from data breaches, security researchers say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
