Migrating computing resources to cloud environments opens up new attack surfaces previously unknown in the world of premise-based data centers. As a result, cloud-native data breaches frequently have different characteristics and follow a different progression than physical data breaches.
Download this case study...
Australia reportedly took a sensitive military recruiting database offline for 10 days in February following concerns it may have been compromised. The Defense Department says there's no evidence data was stolen.
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
Walgreens' mobile app inadvertently disclosed personal messages to other customers due to an internal application error, revealing some health-related information. The company did not say how many people were affected.
A U.S. Defense Department agency that's responsible for providing secure communications and IT equipment for the president and other top government officials says a data breach of one of its systems may have exposed personal data, including Social Security numbers.
Hacking incidents involving email appear to be the most common type of major health data breach being reported to federal regulators so far in 2020. But the largest breach added to the tally involved a type of incident rarely seen in recent years: the theft of an unencrypted laptop.
The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
The latest edition of the ISMG Security Report discusses the ramifications of the U.K's decision to allow limited use of Huawei's equipment in 5G networks. Plus: Updates on Wawa's stolen card data offered for sale and nascent security threats from social networks and drones.
A California healthcare provider took nearly seven months to report to regulators a phishing incident that exposed information on 200,000 patients. Security experts are analyzing whether the delay could be justifiable.