CISOs are turning to drink, drugs & meditation to overcome the inevitability of breaches in the face of inadequate human or financial resources to defend their organisations; as 1 in 5 are available 24/7.
The 'Genesis' market is different from the norm: cyber-criminals are selling digital fingerprints with the full data of more than 60,000 users already being traded.
Survey finds that organisations are struggling with IT system complexity with nearly two-thirds of businesses (60 percent) suffering a severe certificate-related outage within the past 12 months.
Facebook will pivot toward privacy over the next few years, "building a privacy-focused messaging and social networking platform" that includes end-to-end encryption, CEO Mark Zuckerberg said Wednesday.
What do the 3ve ad fraud campaign, the Magecart credit card skimming attacks and the Facebook-Cambridge Analytica scandal have in common? They were all made possible through the use of unmanaged third-party code
The drive-in fast food chain Sonic is being sued by the American Airlines Federal Credit Union for US$ 5 million (£3.8 million) in an attempt to recoup money the credit union lost due to Sonic's data breach in 2017.
30 years ago, in 1989, the Berlin Wall came down, SC made its debut in the UK, and Sir Tim Berners-Lee was inventing the World Wide Web while at CERN, the European Particle Physics Laboratory.
North Korean hacking Lazarus Group's Operation Sharpshooter campaign, used "extremely convincing" job recruitment emails to target defence, government, finance, energy and critical infrastructure organisations across the world, according to McAfee researchers.
Although attackers are more persistent than ever, organisations are getting better at detecting breaches - on average discovering the intrusions about a week earlier.
Can hype-scarred cyber-security pros dare to be hopeful about artificial intelligence as a means to ease the acute information security labour shortage?
A number of factors including the lack of open source governance programmes has resulted in a 71 percent rise in open source breaches over the past five years.
"Microsegmentation is the means to a zero-trust security network because it is identity-driven and able to isolate threat actors on a network at a granular level. It protects an organisation's critical assets and minimises the impact of cyber-attacks."
Scammers using a major event to separate fools from their money is nothing new so several took advantage of the first live concert ever streamed through the massively popular video game Fortnite to sell non-existent tickets to gullible game players.
New report finds stories in the media affect firms approach and priorities. Data breaches reported in the media is having a significant affect on the approaches to a business's cyber-security and the priorities of its strategy, a new report found.
A vulnerability in both the Bigscreen virtual reality app and the Unity game development platform on which it's built makes it possible for hackers to listen to conversations and access user computers, according to researchers at the University of New Haven.
A new phishing campaign distributing the credential-stealing malware Separ has over the last few weeks reportedly affected hundreds of business organisations, primarily those located in Southeast Asia and the Middle East.
Attackers can access the master password of many popular password managers, researchers have found, exposing users to massive risk of credential theft.
The hacker known as Gnosticplayers has placed a third set of databases up for sale on the Dream Market dark web marketplace.
The integrity of democracy itself is being undermined by the failure of Facebook and other social media giants to control 'fake news', MPs have said.
New version of TrickBot bolsters its information stealing capabilities by targeting passwords for Virtual Network Computing (VCN), PuTTY, and Remote Desktop Protocol (RDP).
A dark web marketplace this week reportedly began selling stolen data linked to roughly 617 million user accounts from 16 different websites.
Law firms are increasingly being asked to supply ever-greater amounts of evidence of data management safeguards to their corporate clients for GDPR compliance.
Facebook will no longer be allowed to combine German users' data taken from WhatsApp, Instagram and Facebook Messenger, according to the German competition authority.
An unauthorised party illegally accessed data from TV and movie "scrobbling" service Trakt more than four years ago, but only now are users learning about it.
Google has rolled out a new Chrome extension that will inform users if their passwords have been compromised.
The Huddle House restaurant chain reported it has closed a point-of-sale data breach that existed one of its third-party vendors from August 2017 until now.
New deception campaign on YouTube has tricked over 70,000 people into parting with personal details.
The American Civil Liberties Union (ACLU) and ACLU of Massachusetts are demanding the US Justice Department reveal how the FBI and other federal law enforcement agencies are using facial recognition technology.
Streaming media services are failing to provide their users with access to their data as required under the GDPR, according to complaints filed by Max Schrems and Noyb against eight companies.
The large collection of files on the MEGA cloud service that exposed nearly 773 million unique emails and 21 million unique passwords and was posted on a hacking forum, came from a number of breaches and sources.
A series of vulnerabilities in the hugely popular online survival game Fortnite could have allowed malicious actors to take over players' accounts, prompting developer Epic Games to fix the issues before a major incident transpired.
The World Economic Forum has identified cyber as one of the top risks to stability in the world in its Global Risks Report 2019 published this morning.
A recently discovered vulnerability in the Amadeus online reservation system made it possible to access and change reservations with just a booking number.
After experiencing several allegations of shady ties to the Russian government, in a twist of events it turns out that Kaspersky Lab may have assisted the National Security Agency (NSA) in capturing an alleged data thief.
Some Reddit users discovered they were locked out of their own accounts earlier this week after an apparent credential stuffing attack compelled the popular website to invoke password security measures.
"Every customer that we see is going through some form of digital transformation (so we are talking about) ... how security plays into that, and what some of the challenges are in managing digital risk."
The data on about 285 Singapore Airlines' Krisflyer frequent flyer program members was exposed after a software glitch following a website update allowed frequent flyers see the data of others.
Marriott International may have bumped down the number of records affected by a breach of its Starwood division to 383 million, but the hotel chain admitted that five million passport numbers stolen in the incident by an unknown hacker were unencrypted.
GDPR has opened up corporate and public minds to the importance of data privacy, but even with punitive fines looming, many organisations failed to prepare, and as infractions work their way through the system, there are more serious consequences to come.
While 2018 was a big year in the EU for data protection and cyber-security legislation, legislators in the US were also busy with new laws to protect the citizenry.
District of Columbia Attorney General Karl Racine yesterday filed a civil lawsuit against Facebook, claiming the social media giant's failure to properly safeguard its users' data constitutes a violation of the district's Consumer Protection Procedures Act (CCPA).
Turning on a "smart" light bulb may be the latest way people inadvertently flood the internet with their personal information.
Firm forced to update Options app after Google researcher Tavis Ormandy reports flaw that would allow any website to connect and inject keystrokes.
Online retailers should be on high alert for attacks carried out by a Magecart-style credit card sniffing tool similar to the one used to carry out the British Airways and Ticketmaster hacks.
Session-hijacking side-channel attacks can risk exposing users messages in full, researchers at Cisco Talos Intelligence Group have found.
More than 120 million unique identification numbers issued by the Brazilian Federal Reserve to Brazilian citizens and tied to tax-paying resident aliens, spent months earlier this year publicly exposed on the internet.
Over the last year and a half, attackers compromised more than 40,000 credentials for various global government websites and portals, using a combination of spyware tools and phishing tactics.
After its breach, which compromised the personal data of 500 million customers, Marriott has agreed to pay for new passports if it has found that "fraud has taken place."
Citrix forced its users to reset their passwords after cyber-criminals began carrying out credential stuffing attacks against ShareFile accounts.
Sometimes a basic data breach is just the first step in a larger campaign.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout