Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform. The company believes no customer data was leaked and that all passwords remained encrypted.
Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
A misconfigured IT setting has landed a Puerto Rico-based clearinghouse and cloud software services vendor at the top of federal regulators' list of largest health data breaches so far this year. Why do these types of mistakes keep happening?
Several recently reported breaches involving ransomware attacks in which organizations recovered without paying a ransom to extortionists offer a glimmer of hope that healthcare entities are getting better prepared to deal with such incidents.
The U.S. Commerce Department will offer a 90-day reprieve to a handful of companies that conduct business with Huawei before the Trump administration's ban on the use of the Chinese company's technologies fully kicks in, the Wall Street Journal reports. Meanwhile, Google announces it will continue to work with Huawei.
There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. A database that was left online without password protection has since been taken down.
MuddyWater, an advanced persistent threat group that has targeted organizations in the Middle East, has changed some of its tactics to better avoid detection as it continues to plant backdoors within targeted networks, according to new research from Cisco Talos.
It's been nearly seven years since HSBC was fined $1.9 billion by U.S. authorities for money laundering violations involving international drug cartels. But Everett Stern, the former employee who blew the whistle on the bank, continues to tell his story because he believes similar criminal activity is ongoing.
The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.
Salesforce says it has nearly recovered from a botched database update that wiped out user permissions within its Pardot marketing management product on Friday. The error allowed Salesforce users access to previously restricted profiles.
After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.
The majority of aircraft accidents occur during landing. And during bad weather or low-visibility, pilots are trained to entirely trust their instruments. But researchers say they can spoof wireless signals to a critical landing system, which could cause planes to miss runways.
Law enforcement agencies in the U.S. and Europe have disrupted a malware attack platform called GozNym. Six suspects have been arrested in four countries and face local prosecution on fraud, money laundering or malware-writing charges. Five Russian suspects remain at large.