A former employee of a New York-based technology company, likely to be IoT technology company Ubiquiti, has been arrested for stealing confidential data and extorting his employer for nearly $2 million. If convicted, the suspect faces up to 37 years in prison.
Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the FBI has seized bitcoins from an alleged REvil ransomware affiliate, how to mitigate risks from BIN attacks and the latest COVID-19 trends globally.
The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.
Planned Parenthood of Los Angeles is notifying about 400,000 individuals of a hacking incident in October involving the exfiltration of files containing sensitive health data, including patients' diagnoses and medical procedures. Could other similarly high-profile entities and their patients become the next targets?
Several cybersecurity officials charged with safeguarding U.S. critical infrastructure on Thursday outlined both current progress and the complexity of today's network defense. Oversight officials also testifying before the House discussed top-line items that remain outstanding among major agencies.
A new variant of the Aberebot banking Trojan has been discovered by Cyble's researchers. Christened Aberebot-2.0, the latest malware version not only uses more advanced spying capabilities, it also has increased its target list to 213 banking apps and nine crypto wallets in 22 countries.
A recently discovered botnet is infecting thousands of AT&T internet subscribers in the U.S., using a critical-severity blind command injection flaw first reported in 2017, according to new findings from China-based cybersecurity researchers.
The FBI has seized 39.9 bitcoins worth $2.3 million from an alleged affiliate of the notorious REvil - aka Sodinokibi - ransomware group. A forfeiture notice filed by the government accuses Russian national Aleksandr Sikerin of having amassed the cryptocurrency via victims' ransom payments.
The saying "Penny-wise, pound-foolish" is relevant when we talk to those friendly, knowledgeable finance people about ongoing employee screening due to the dreaded insider threat and the costs associated with it - which leads to us pulling out our hair in utter frustration. This rant is about that.
The Department of Health and Human Services has revealed its taken enforcement actions against five more healthcare providers in cases involving alleged failure to comply with the HIPAA Privacy Rule right of access provision. One includes a rare civil monetary penalty, which was levied against a physician.
An Ohio-based DNA testing company reported to regulators that the information of more than 2.1 million individuals contained in a legacy database was accessed and acquired in a hacking incident detected in August. The archived database contained personal information collected more than a decade ago.
A Microsoft zero-day vulnerability has not been fixed by the technology giant despite having been reported months ago, according to a security researcher. To protect users, a micropatching service, 0patch, has issued unofficial, free patches.
In her latest book, "Rhetoric of InSecurity: The Language of Danger, Fear and Safety in National and International Contexts," academic Victoria Baines questions the imagery and rhetoric we use to communicate safety and security issues, and details their unwelcome impact on the workforce.
Japanese multinational conglomerate Panasonic has disclosed a security breach that it says involved unnamed threat actors accessing servers on its network. The company says it detected the breach on Nov. 11. It was determined that some data on a file server had been accessed during the intrusion.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.