About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 4.3 million.
With the U.S. midterm elections approaching fast, Microsoft says it's seized six domain names tied to "Fancy Bear," a hacking team widely believed to be part of Russia's military intelligence agency, amplifying concerns that Moscow's election interference efforts continue.
For retailers, the benefits of selling gift cards extend well beyond the initial revenue. The purchase ensures a future shopping trip, and when redeeming gift cards, customers spend an average of 20% more than the value of the card. Considering their widespread popularity (93% of US consumers receive or give at least...
A federal judge in California has given final approval to a $115 million settlement involving health insurer Anthem over its 2015 data breach. The settlement is the largest ever reached in a data-breach related class action suit, but most victims will see no money.
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
Augusta University Health in Georgia says it just recently concluded that a phishing attack that occurred - and was detected - 10 months ago resulted in a breach potentially exposing information on 417,000 individuals. Security experts are questioning why the breach determination took so long.
An Australian teenager was such a fan of Apple that he hacked into the technology giant's mainframe, according to media reports. The teen has pleaded guilty to stealing 90 GB of sensitive information. But Apple says no customers' personally identifiable information was exposed.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
Malware detection needs to shift to detecting anomalous behavior, rather than depending on signature-based detection technologies to deal with such threats as sandbox-evading malware, says Verizon's Ashish Thapar.
A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.
Successfully committing Card Not Present (CNP) fraud hinges on the thief's ability to convince the merchant that they are, in fact, the legitimate card holder. But when it comes to shipping, a fraudster can't flat out lie about their location - because then they won't get their goods! There are tricks that these...
Merchants reviewing online orders for card not present (CNP) fraud often rely on strict rules-based systems to decline transactions based on "risky" indicators. Although these types of processes can help reduce chargebacks, they also lead to high false decline rates and a less-than-ideal shopping experience for...
According to a recent global fraud study, over 90% of eCommerce merchants use the same tools to manage fraud across both web and mobile transactions. While over 80% of merchants support mobile shopping, only 52% track fraud rates by channel.
As mCommerce becomes more prominent, neglecting to adjust fraud management...
The 2018 State of the Phish Report presents analysis of data that can help CISO's and their teams identify opportunities to manage end-user risk. The report delivers the types of data infosec professionals are seeking as they develop their own security awareness training programs.
Download this report to learn more...
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.