Researchers with Armis have disclosed 11 zero-day vulnerabilities in the VxWorks real-time operating system that is used in some 2 billion embedded devices. Of all the "Urgent/11" vulnerabilities, six of the flaws are considered critical.
A Seattle-area woman has been charged with accessing tens of millions of Capital One credit card applications after allegedly taking advantage of a misconfigured firewall. The incident is likely to increase calls for better corporate caretaking of sensitive consumer data.
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further.
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches.
When leveraging AI and machine learning to drive banking innovations, it is essential to take a structured approach in implementing security-by-design for conducting proper risk assessment of the organizations and people involved, says Sameer Ratolikar, CISO, HDFC Bank
The U.S. Justice Department and the Federal Trade Commission officially announced a privacy settlement with Facebook that includes a record-setting $5 billion fine. As part of the agreement, CEO Mark Zuckerberg must submit quarterly and annual reports to show that the company is in compliance with the FTC order.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
Former government contractor Harold Thomas Martin III has been sentenced to serve nine years in federal prison after he pleaded guilty to stealing and retaining classified and secret files and data from U.S. government agencies, including the National Security Agency and CIA.
Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit. The company's total post-breach tab is likely to exceed $2 billion.
Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media reports.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.