APIs are increasingly being used to power new customer facing applications, connect with partners and drive microservices environments, but they also constantly expose and exchange sensitive data, making them an increasing target for attackers.
As with all things security there is no silver bullet to protect you...
The ransomware threat has scaled up to
match the new remote workforce. But have
backup policies and incident recovery
procedures improved to keep pace?
Download this eBook to learn more about:
Ransomware recovery challenges;
Securing a remote file-sharing environment;
Business continuity successes in crisis...
Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?
Attacks targeting cloud-based data nearly doubled in 2019 as companies shifted more of their valuable information off-premises and misconfigurations and other issues made it more vulnerable, according to the 2020 Verizon Data Breach Investigations Report. Observers expect the trend to continue this year.
European budget airline EasyJet says it suffered a data breach that exposed 9 million customers' personal details. While no passport details were exposed, the company's ongoing investigation has also found that attackers "accessed" a small number - just 2,208 - of customers' payment card details.
Cryptocurrency-mining hackers appear to be behind a recent spate of supercomputer and high-performance computing system intrusions. But it's unclear if attackers might also have had data-stealing or espionage intentions.
Covve Visual Network Ltd., a Cyprus-based app developer, acknowledges that it's the owner of 90GB of data - including tens of millions of records - that apparently was left exposed on an open Elasticsearch database. A portion of the data was posted on a forum for trading data leaks.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.
Web hosting giant GoDaddy confirms that a data breach has affected about 28,000 of its customers' web hosting accounts, according to a news report. The company has reset passwords and usernames for some customers as a precaution, although it says no data appears to have been altered.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
A federal court recently granted final approval for an $8.9 million settlement of a class action lawsuit against Banner Health stemming from a 2016 data breach. The settlement spells out steps the Phoenix-based organization must take to improve information security.
What should an enterprise do when someone reaches out and claims to have the company's data or information about a breach? Although it can be a delicate situation to manage, there are sound approaches enterprises can take, says data breach expert Troy Hunt.
A California-based genetic testing laboratory has reported an email hacking incident that may have exposed medical information on nearly 233,000 individuals. It's the second-largest health data breach posted to the federal health data breach tally so far in 2020.
The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.