Hong Kong-based airline Cathay Pacific says the personal details of 9.4 million passengers were inappropriately accessed in March, a breach the company confirmed in early May but publicly revealed on Wednesday. That raises questions about whether the airline violated data breach disclosure regulations.
The Reserve Bank of India's new guidelines on interoperability of prepaid payment instruments will lead to better management of cybersecurity and security audits. But many questions are yet to be answered.
A proposed agreement that would settle a class action suit against Yahoo over devastating data breaches could see the company pay as much as $85 million. That adds to the $35 million fine levied by the SEC earlier this year, showing the high price to be paid for Yahoo's record data breaches.
Two years after Mirai botnets first appeared, security researchers say telnet-targeting botnets are attempting to compromise internet of things devices by pummeling them with 1,065 different username/password combinations. Some of these attacks are designed to install Linux DDoS malware.
Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach. Now that the insurer has agreed to a $16 million HIPAA settlement with federal regulators, who spelled out the company's security shortcomings, it's worth scrutinizing the value of adopting a framework.
Where is the secret spying chip devised by China that Bloomberg reported had worked its way into at least 30 companies, including Amazon and Apple? The report earlier this month alleging supply chain infiltration by China's People's Liberation Army triggered skepticism from the start - and it's growing.
A Russian national has been charged with coordinating a four-year campaign to spread divisive themes aimed at disrupting the U.S. political system. "Project Lakhta" allegedly employed hundreds of individuals who created bogus accounts on such platforms as Facebook and Twitter to sow false narratives.
Protecting "East-West" cloud traffic - the traffic between apps and virtual machines - is a significant challenge, but microsegmentation can help address it, says Raghu Raghuram of VMware.
Cryptojackers and eavesdroppers are continuing to exploit a one-time zero-day flaw in unpatched MikroTik routers, despite a patch that's been available for six months as well as the actions of a vigilante "gray hat" hacker who's forcibly "fixed" 100,000 vulnerable routers.
Attention admins: If you use libSSH - one of the open-source flavors of Secure Shell, or SSH - patch now. The advice follows the disclosure of a vulnerability that one expert, Paul Ducklin of Sophos, terms "comically bad."
The latest edition of the ISMG Security Report features an analysis of the results of over 1,000 cyberattack investigations in the U.K. Also: an update on the proposed NIST privacy framework and a report on voter registration information for sale on the dark web.
Facebook is eyeing spammers as being the culprits behind its recently disclosed mega-breach, The Wall Street Journal reports. Preliminary findings from Facebook's internal investigation suggest that the attackers were not affiliated with a nation-state, but rather part of a known spam ring, the newspaper reports.
Organizations can effectively rely on managed security services providers to take care of many tasks, but certain strategic security functions must be handled in-house, says Sid Deshpande, research director at Gartner.
IoT and OT risks are well publicized. But too often they are discussed in a consumer context. Tom Dolan of ForeScout Technologies wants to raise these topics in terms of enterprise risks - and how to mitigate them.
With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.