A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K. governments to issues warnings and policy updates to improve security.
Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit. The company's total post-breach tab is likely to exceed $2 billion.
Ireland's Data Protection Commission says it is "assessing" a report concerning minors who have business profiles on Instagram that may expose email addresses and phone numbers. As many as 5 million kids worldwide have business accounts, but often they have no discernible link to a real business.
Misconfigured file storage technologies and a lack of basic security controls are the root causes for the inadvertent online exposure of 2.3 billion files worldwide that contain personal information, including sensitive medical data, says Harrison Van Riper, a security researcher at Digital Shadows.
Planning your security programs to incorporate the right digital context - the IT environment, the business processes and the risks - is essential for success, says Avinash Prasad, vice president and head of the managed services business at Tata Communications.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
Authorities in the Netherlands recently levied a $516,000 fine under the General Data Protection Regulation against a hospital in the Hague in connection with a data breach involving "dozens" of staffers who snooped on the electronic medical records of a celebrity.
Weeks after Microsoft issued a patch for the BlueKeep vulnerability, which threatens devices running older versions of Windows, many organizations worldwide have yet to install patches despite alerts from the software giant, government agencies and cybersecurity companies, according to researchers at BitSight.
After recently issuing interim cybersecurity guidelines for private enterprises, Singapore has issued similar guidance for public sector agencies and departments in an effort to enhance data security in light of recent data breaches in the nation.
With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn. Driven also by attackers wielding Ryuk, Dharma and Phobos, ransom payments by victims have been surging.
At a Senate committee hearing on Tuesday, lawmakers grilled a Facebook executive about the company's plans to launch a cryptocurrency. One Democratic senator said Facebook "does not respect the power of the technologies they are playing with - like a toddler who has gotten his hands on a book of matches."
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
The Ministry of Road Transport and Highways reportedly informed the Parliament that it has earned around INR 65 crore, or about $9.5 million, by providing restricted access to a database of registered vehicles and drivers to private-sector companies. Is citizens' privacy at stake?