About 210 websites of central and state government departments in India were displaying personal details and Aadhaar numbers of beneficiaries. Security experts are questioning why auditors did not detect problems that led to the data leakage and say it's time to take strong action against faulty auditors.
It's boom time for the ransomware business as criminals continue to make easy cryptocurrency paydays via crypto-locking attacks. AlienVault's Javvad Malik and Chris Doman detail how crowdsourced threat intelligence can help in the fight against this threat.
Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.
Hollywood loves to portray hackers as wunderkinds with such exceptional cybercrime mojo that they can hack or crack anything. But as the AlphaBay takedown demonstrates, a simple mistake - reusing a Hotmail address - led to the administrator's arrest and the site's downfall.
The FBI and Europol announced that they've jointly shuttered the world's two biggest darknet marketplaces, AlphaBay and Hansa, which were responsible for more than 10 times the sales volume of the notorious Silk Road marketplace.
Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
AusCERT is one of the oldest CERTs in the world, and Phil Cole says the independent organization is now laser-focused on helping enterprises across sectors to fundamentally improve their strategies and solutions for incident response.
Russian citizen Mark Vartanyan, aka "Kolypto," has been sentenced to serve five years in U.S. prison after he pleaded guilty to helping develop and distribute the notorious banking Trojan called Citadel.
Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.
Ricoh's Australia office has notified banks, government agencies, universities and many large businesses about a curious data breach that, in some cases, exposed login credentials for its multifunction devices.
Dow Jones is blaming user error for an Amazon Web Services S3 bucket misconfiguration that exposed data on about 2.2 million customers. In recent months, Verizon, WWE, Scottrade and a data analytics firm aligned with the Republican Party have been similarly caught out.
An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
Package-delivery giant FedEx is warning that the global outbreak of NotPetya malware will "materially impact" profits; its TNT Express international delivery service continues to experience "widespread service delays" as it struggles to restore crypto-locked systems.
What trait do a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.