A federal judge has dismissed a lawsuit filed last year against Google and the University of Chicago Medicine involving complex privacy and other issues related to the use of patients' de-identified electronic health record data. But the court left the door open to filing an amended complaint.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Several cities in the Netherlands have installed IoT traffic lights. But researcher Rik van Duijn says his team found security problems that could enable attackers to remotely trigger the lights.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
The average amount stolen in a business email compromise scam increased 48% during the second quarter of 2020, but the number of attacks decreased during that period, the Anti-Phishing Working Group reports.
In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities. The amicus brief is part of a U.S. Supreme Court case that could redefine a federal computer law.
The U.S. Cybersecurity and Infrastructure Security Agency is ordering most executive branch agencies and departments to create vulnerability disclosure programs by March 2021. Some agencies, such as the Pentagon, already have robust programs in place.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
A recently uncovered malicious email campaign is delivering to businesses multiple types of malware, including a Trojan designed to steal banking credentials and other financial information, according to a research report from Cisco Talos.
A group of Democratic senators, including Minority Leader Charles Schumer of New York, is urging the Trump administration to impose sanctions on Russia and other "governmental actors" that are waging efforts to interfere with the November election interference.
Fraud prevention practices are not keeping up with changes in risks, says Al Pascual, COO at Breach Clarity, who offers insights on leveraging the latest tools.
Twitter is investigating the hacking of an account associated with Indian Prime Minister Narendra Modi for an apparent cryptocurrency scam, according to news reports. The incident appears similar to a July Twitter hack that hit well-known targets in the U.S. and Europe.
The former moderator of the now-defunct AlphaBay darknet marketplace has been sentenced to 11 years in prison after pleading guilty to a federal racketeering charge, according to the U.S. Department of Justice.
Evilnum, a hacking group that targets fintech firms mainly in the U.K. and Europe, is deploying a new remote access Trojan, according to Cybereason. The group is targeting "know your customer" procedures to start these attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.