The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.
Australia has faced a few tough weeks on the cybersecurity front. Toyota Australia's computer systems were still down Friday after an attempted cyberattack. A healthcare group acknowledged it was the victim of a ransomware attack. And last week, suspected nation-state attackers hit Parliament's email systems.
The latest edition of the ISMG Security Report describes vulnerabilities found in popular password generator apps. Plus, the evolution of blockchain as a utility and a new decryptor for GandCrab ransomware.
A misconfigured database at UW Medicine in Washington state that left patient data exposed on the internet for several weeks resulted in a breach affecting almost 1 million individuals. Why are breaches caused by such misconfigurations so common?
Facebook says it will soon issue a patch for a bug in its WhatsApp messenger application that can circumvent a security feature launched just last month for Apple devices. The flaw could let someone with physical access to a device bypass Face ID and Touch ID.
A Congressional committee is demanding Facebook provide answers concerning a complaint filed with the FTC alleging misleading privacy practices involving personal health information. The complaint also alleged a data leak exposed the names of over 10,000 cancer patients participating in a Facebook group.
Fast-food giant Wendy's has reached a $50 million settlement agreement with financial institutions that sued after attackers planted RAM-scraping malware on point-of-sale systems in 1,025 of its restaurants in 2015 and 2016, exfiltrating data for 18 million payment cards.
Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
Achieving compliance is the start of your data security journey. Don't let it stop you before you get started
View this infographic to discover how IBM can protect your business from:
Theft of trade secrets and product designs
Exposed sensitive data in cloud and big-data environments
These days, data security breaches are more common than ever and more expensive. Global studies show that the average total cost of a data breach is now USD3.8 million. What's more, the loss of trade secrets, product designs or other intellectual property can spell financial ruin for an organization. Because of its...
In April 2018, IBM commissioned Forrester Research consulting to conduct a Total Economic Impact (TEI) study to examine the potential return on investment (ROI) that organizations may realize by deploying IBM Security Guardium. The study uncovered that organizations achieve cost and risk reductions while increasing...
Organizations are rapidly moving to the cloud, leveraging infrastructure as a service (IaaS), software as a service (SaaS), and platform as a service (PaaS) as new ways to optimize their business, even though these environments present new risks to sensitive data. Data security and protection technologies should be...
Guardium helps organisations efficiently identify the risk associated with personal and sensitive personal data that falls under the General Data Protection Regulation (GDPR). The service applies next generation data classification, as well as vulnerability scanning, to uncover risks associated with such data in cloud...
Virtualization is the creation of a logical rather than an actual physical version of something, such as a storage device, hardware platform, operating system, database or network resource. The usual goal of virtualization is to centralize administrative tasks while improving resilience, scalability and performance...
A security consultancy discovered Facebook user data exposed in two different places online without authentication or encryption. The data, which is now offline, came from an Android app that purported to offer statistical information to logged-in users.