Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says.
Password isn't a four-letter word, but for security leaders it is just as cringe-worthy. Single-factor authentication is putting organizations both large and small at risk of data breaches daily - and two-factor authentication can be just as risky, especially if access codes are delivered via text message. The best...
Federal government agencies experienced 12 percent fewer cyber incidents in 2018, when there were no "major" data breaches, according to a new White House report. But the report notes there's still plenty of risk mitigation work to be done.
State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning. Security experts say attackers continue to pummel local governments, and illicit profits have been rising.
This edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack.
Paige A. Thompson, who's been arrested on a charge of hacking into Capital One's network and taking the personal and financial data of 106 million individuals, is also suspected of stealing information from over 30 other organizations, according to new court documents.
Internal threat activities (privilege escalation, lateral movement, etc.) are difficult if not impossible to detect using endpoint and perimeter protection alone. ExtraHop Reveal(x) provides network traffic analysis that helps security analysts efficiently detect and investigate these late-stage threats, as well as...
Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, which it ignored.
While health data breaches stemming from the loss or theft of unencrypted devices have nosedived in recent years, a handful of recent incidents serve as a reminder that these devices still can pose risks to patient data.
The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to security blogger Brian Krebs. First American spent $1.7 million on the incident in its second quarter, but investigations and lawsuits are looming.
The global nature of business and the presence and impact of cyber adversaries make it an organizational imperative to consistently re-assess the effectiveness of our security practices. Adopting best practices have become essential to consistently managing enterprise risk. Zero Trust offers security practitioners a...