Credit reporting giant Equifax has negotiated a proposed settlement that could reach $700 million to resolve federal and state probes into its massive 2017 data breach, as well as a nationwide class action lawsuit. The company's total post-breach tab is likely to exceed $2 billion.
Business email compromise scams are surging, and they're costing U.S. companies a total of more than $300 million a month, according to a recently released analysis by the U.S. Treasury Department. The report pinpoints which sectors are hardest hit by this type of fraud.
A Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data. The incident illustrates how business processes can help avert theft.
The Internal Revenue Services' internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to a U.S. Government Accountability Office audit.
An Australian cybersecurity company says it tricked BlackBerry's Cylance Protect anti-virus product into believing that some of the most pernicious types of malware, including WannaCry and the SamSam ransomware, were benign programs.
Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense.
Authorities in the Netherlands recently levied a $516,000 fine under the General Data Protection Regulation against a hospital in the Hague in connection with a data breach involving "dozens" of staffers who snooped on the electronic medical records of a celebrity.
Weeks after Microsoft issued a patch for the BlueKeep vulnerability, which threatens devices running older versions of Windows, many organizations worldwide have yet to install patches despite alerts from the software giant, government agencies and cybersecurity companies, according to researchers at BitSight.
The impact of the massive American Medical Collection Agency data breach continues to grow. At least two more laboratories have said their patients' data was potentially compromised by the breach. Meanwhile, court filings accuse AMCA of a lack of "cooperation and transparency" in the wake of the incident.
Bulgaria's national cybercrime unit has arrested a 20-year-old local man for his alleged role in breaching the country's tax servers and exposing the financial details and other personal data of nearly 5 million citizens, according to news media reports.
A 20-year-old Dutch man suspected of creating the Rubella Macro Builder toolkit and distributing it on underground forums has been arrested by the Dutch National Police, which received assistance from McAfee. Rubella and other toolkits enable attackers to distribute malware through weaponized Office documents.
With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn. Driven also by attackers wielding Ryuk, Dharma and Phobos, ransom payments by victims have been surging.
At a Senate committee hearing on Tuesday, lawmakers grilled a Facebook executive about the company's plans to launch a cryptocurrency. One Democratic senator said Facebook "does not respect the power of the technologies they are playing with - like a toddler who has gotten his hands on a book of matches."
The sentencing of a former worker at a substance abuse treatment provider in connection with a Medicaid fraud conspiracy "is an important reminder about the threats from insiders," one privacy attorney says.
A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
