An attack spoofed internet routing information, resulting in anyone who visited MyEtherWallet.com - a free, open source web app for storing and sending ether-based tokens - instead being routed to an attacker-controlled site, leading to an estimated $320,000 in losses.
Yahoo, now known as Altaba, has agreed to a $35 million civil fine with the U.S. Securities and Exchange Commission to settle accusations that the search giant failed to promptly notify investors about a December 2014 data breach.
Visibility in the cloud includes understanding all aspects of critical applications and comparing this data in real time with historical data, says Sharon Besser of GuardiCore. This enables implementation of an effective and efficient security policy, he says.
Large healthcare companies in the U.S., Europe and Asia are getting hit with a backdoor that comes from a long-observed group, which Symantec calls Orangeworm. The backdoor has been found on X-ray machines and MRIs.
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Attackers rarely bother with technical sophistication when easy social engineering schemes, such as "hacking" a victim's social network and using it against them, can give them what they want, says Markus Jakobsson, chief scientist at the cybersecurity firm Agari.
To combat credential stuffing and other types of rising attacks, organizations need data - and lots of it - to feed machine learning and artificial intelligence algorithms to better detect these types of high volume attacks, says Shape Security's Dan Woods.
Alert fatigue is a serious problem in terms of risk management and security analyst turnover. Ted Julian of IBM Resilient discusses how artificial intelligence and machine learning can assist with orchestration and automation.
Malware is a pervasive problem that is constantly evolving, says Christopher Kruegel, CEO of the security firm Lastline, who shares key findings from new research.
Increasingly, SonicWall is focused on the midmarket, and CEO Bill Conner wants to help ensure that smaller and midsized enterprises have appropriate visibility into the threat landscape - the threat actors, as well as whom they are targeting.
Deception technology - which involves tricking hackers into lurking on bogus IT assets - can provide crucial intelligence on methods and motives. But is the technology worth the investment?
For years, Dawn Cappelli studied and wrote about the insider threat. Then she went to Rockwell Automation and built an insider program. She discusses the program's success and her expanded role as vice president and CISO.
As the world prepares for GDPR enforcement, a new Privacy Maturity Benchmark study finds that 65 percent of respondents say their organizations experience sales delays because of data privacy issues. Cisco's Michelle Dennedy outlines the concept of data friction.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.