Ignoring a breach disclosure can have ugly consequences. Case in point: Lumin PDF, a PDF editing tool, which saw data for much of its user base - about 24.3 million - published in an online forum late Monday. Data breach expert Troy Hunt says it's sign of the dysfunction in the breach disclosure process.
The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year.
Even with the uptake of cloud services, many large enterprises still hold data on mainframes, says Philip MacLochlainn of IBM. But the diversity of computing environments around mainframes is rapidly changing, which increases the risk of data breaches, he explains.
No SOC has the resources or time to review and manage all its alerts manually. Overwhelmed security teams often ignore "low value" notifications for the sake of efficiency. This forced adjustment in workflow allows potential security threats to slip through the cracks.
In today's world of automation and AI, it's...
The U.S. Commodity Futures Trading Commission has hit Philips Capital Inc., a Chicago-based brokerage firm, with a $500,000 penalty for security missteps before and after a 2018 data breach, which resulted in the theft of $1 million from client accounts.
As cybercriminals adopt new methods to steal and manipulate victims' identities, the U.S. financial services industry needs to rethink how to protect customers' information using emerging technologies, such as artificial intelligence, security experts testified at a recent U.S. House committee hearing.
Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Because banks, fintech firms, merchants and payments processors in the EU have struggled to meet the Sept. 14 deadline for compliance with the new PSD2 "strong customer authentication" requirements for electronic payments, it may take a while for European consumers to notice authentication changes.
Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights.
When it comes to government IT, security must adapt to a changing digital landscape.
This Red Hat® whitepaper reveals how your government agency can build the open IT foundation you need to modernize app development, automate processes for boosted efficiency--and do it all while mitigating security risks across...
Modern IT teams must maintain compliance with an evolving set
of regulatory standards, track and secure sensitive data across
endpoints, and manage a dynamic inventory of physical and
cloud-based assets, all while fulfilling an increasingly common
executive mandate to make technology an enabler for...
Identity management is no longer a simple flash of a badge at an entry desk. The layers of complexity in password management and SSO are all deterrents in the speed of authentication at the user level.
Hear insights from new research:
Business Departments presenting the highest risk exposure;
What are key...
The ransomware blitz against the healthcare sector continues: A Utah clinic has reported an attack that potentially affected 320,000 patients, making it one of the largest breaches of its kind so far this year.