Interpol, working with countries and security vendors, says it has uncovered 270 websites - including some government portals - compromised by malware. In some instances, the websites contained personal data of citizens.
Two men have pleaded guilty to hacking London-based telecommunications giant TalkTalk in 2015. Police say one of the men boasted in social media account chats about wiping and encrypting his hard drives, as well as taking part in the hack attack.
The government of India is taking the data protection and privacy bull by the horns, gunning for comprehensive data protection legislation within the next 5 months. Experts offer an analysis of what the nation needs.
Adam Mudd has been sentenced to a two-year prison term after he pleaded guilty to developing and selling "Titanium Stresser," an on-demand DDoS attack tool tied to over 1.7 million attacks worldwide. Separately, Britain's high court ruled that Lauri Love can fight a U.S. extradition request.
Warning: A dumped Equation Group exploit is designed to bypass authentication on 386 types of Oracle databases. One concern is that the exploit might be used by attackers such as the Lazarus Group to refine their attempts to inject fraudulent money-moving messages into the SWIFT network.
In the wake of fraud reports, Blowout Cards has issued a security alert to customers, warning that an attacker hacked its website and installed a PHP file designed to skim payment card details at the time of purchase.
More than15 years ago, the nation of Estonia rolled out a digital identity program for all citizens, allowing access to government services, banking, shopping - even voting. What lessons can global businesses learn from Estonia's example? Joseph Carson of Thycotic offers insight.
Singapore's Personal Data Protection Commission imposed a fine on Tech Mahindra for failing to protect personal details of 2.78 million Singtel customers. The investigation found a lack of reasonable security practices and accountability.
A federal judge has sentenced 32-year-old Russian hacker Roman Seleznev, aka "Track2," to serve 27 years in prison after he was convicted of defrauding 3,700 U.S. financial institutions of at least $169 million via point-of-sale malware attacks.
When an employee exits, it's essential to ensure their access rights don't go with them. Too often, however, organizations fail to track who's joining, leaving or changing roles, leaving them at increased risk of malicious activity.
Warning: Drop everything and patch all the Windows things now. That's the alert being sounded by security researchers in the wake of attackers adopting Equation Group attack tools designed to exploit an SMB flaw and install DoublePulsar backdoor.
The IRDAI requires all insurance organizations to appoint a CISO soon and expects them to formulate a cyber crisis management plan as an immediate step. Security leaders discuss the feasibility of meeting IRDAI's deadline.
Many organizations talk about engaging customers to help prevent fraud. Jim Van Dyke, CEO of Futurion, has new ideas for how to best involve customers in fighting fraud in three stages: Prevention, detection and resolution.
Cybersecurity startup Tanium failed to anonymize network data for a California hospital that appeared in live product demonstrations and online videos. It's the second crisis in a week for Tanium, whose CEO has been accused of unsavory behavior and the questionable sacking of senior executives.