Former Equifax CEO Richard Smith this week heads to Capitol Hill to testify about the massive breach suffered by the credit bureau. Lawmakers will likely focus on breach detection and response, information security practices and the suspicious timing of three executives' stock sales.
A federal criminal case alleges that a former Hewlett-Packard Enterprise Corp. employee shut down Oregon's Medicaid information systems for several hours after he was laid off. Some security experts caution organizations to take steps to minimize risks from workers who are laid off or fired.
Upscale supermarket chain Whole Foods Market says it's investigating a payment card breach affecting dozens of taprooms and an unspecific number of restaurants located inside its stores. But it says no point-of-sale systems at checkout lanes were compromised.
A zero-day vulnerability in Apple's built-in password manager can be exploited, allowing attackers to steal all stored credentials in clear-text format, a security researcher warns. The flaw affects the latest version of macOS - High Sierra - plus one or more prior versions.
French competitive beard-grower Gal Vallerius was arrested in Atlanta while traveling to the World Beard and Moustache Championships in Texas on charges that he's a darknet marketplace administrator and vendor of controlled substances known as "OxyMonster."
New York state's financial regulator has reportedly subpoenaed Equifax - in the wake of it suffering a breach affecting 143 million U.S. consumers - seeking extensive documentation, including when and how the credit-reporting agency discovered the breach and responded.
Attackers are increasingly hacking into banks' networks to gain access to the IT infrastructure connected to their ATMs, security experts warn. Attackers push malware onto ATMs that's designed to allow money mules to "jackpot" or "cash out" the machines, then delete itself.
Fast-food chain Sonic Drive-In is investigating a potential breach involving customers' payment card data. Its alert follows a large, potentially related batch of stolen card data appearing for sale on a cybercrime "carder" marketplace called "Joker's Stash."
Organizations need to develop "a friendly business relationship" with law enforcement so they can share information about a data breach to help with the investigation, says Luis Cerritos of the Royal Canadian Mounted Police.
Richard Smith has exited the Equifax building. Following in the footsteps of the CIO and CSO, Richard Smith - Equifax's embattled CEO and board chairman - has "retired" following the company suffering a massive breach that has left millions of Americans at risk of identity theft.
The chairman of the Securities and Exchange Commission, Jay Clayton, promised the Senate banking committee Tuesday that his agency is pursuing numerous cybersecurity improvements in the wake of a May 2016 breach.
Researchers investigating the CCleaner malware outbreak have had a lucky break: The attackers' backup server shows that they pushed secondary malware onto systems at Intel, VMware, Fujitsu and Asus, among others, as part of what appears to be a very targeted attack campaign.