The latest edition of the ISMG Security Report offers an analysis of how French cyber police disrupted a cryptomining malware gang. Also featured: Apple's botched patching of a jailbreaking vulnerability; an industry veteran's insights on battling payment card fraud.
Artificial intelligence and machine learning must be judiciously used, such as when monitoring internet of things devices, says David De Roure, professor of e-research at the University of Oxford, who offers insights on IoT risk management.
Google and the University of Chicago Medical Center have filed motions to dismiss a class action lawsuit that alleges patients' records were not properly de-identified by the hospital before they were shared with Google for research. Legal experts offer an analysis of the privacy case.
A new variant of the TrickBot banking Trojan is enabling attackers to conduct SIM swapping schemes against Verizon Wireless, Sprint and T-Mobile customers in the U.S., potentially paving the way for account takeover fraud, according to a report from Dell's SecureWorks division.
In a series of recent attacks attributed to the umbrella criminal group known as Magecart, malicious JavaScript code was injected into over 80 e-commerce websites to steal credit card and other customer data, according to a new report from the security firm Arxan, which highlights the sites' vulnerabilities.
A federal grand jury indictment of Seattle software engineer Paige A. Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency.
When it comes to rethinking how enterprises structure their cybersecurity teams, Deborah Kish of Fasoo says that teamwork and better coordination among stakeholders are essential.
The United States' June cyberattack against Iran wiped out a critical database used by the nation's paramilitary arm to plan attacks against oil tankers and at least temporarily degraded Iran's ability to covertly target Persian Gulf shipping traffic, the New York Times reports.
Security firm Imperva is notifying some of its Cloud Web Application Firewall customers about a "security incident" that exposed certain data, CEO Chris Hylen reports in a blog post. What risks does the exposure create?
French police say they've disrupted the operations of the Retadup malware gang by subverting attackers' command-and-control infrastructure to delete the malicious code from 850,000 infected PCs and servers worldwide. The move came after police received a tip and technical assistance from security firm Avast.
Facebook won a victory in Germany after a court suspended an order from the Federal Cartel Office that sought to prohibit the social network from aggregating personal data from other services and sources. The Cartel Office plans to appeal the ruling.
The list of victims affected by the American Medical Collection Agency data breach continues to grow, with four more organizations recently identified. Meanwhile, other significant data breach reports have emerged from Presbyterian Healthcare Services in New Mexico and Massachusetts General Hospital.
Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.
Security leadership requires far more than knowing about the latest technology, says Joyce Brocaglia, founder of the Executive Women's Forum, who offers insights on how CISOs can enhance their reputations.
What's the best way to define a "zero trust" approach to security? And what are the potential benefits? M.K. Palmore of Palo Alto Networks, a former FBI agent, offers insights on making the most of the approach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.