An unsecured, internet-facing database belonging to cosmetic giant Estee Lauder exposed over 440 million company records, including email addresses and IT logs, a researcher discovered. What can be done to prevent such mishaps?
State government officials told a Senate committee this week that more federal resources are needed to help states combat security cyberthreats, including ransomware. They also asked federal officials to share more information on looming security issues.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Security researchers have found that the developers of the Emotet Trojan have created a new way to spread it to more victims - attackers are using unsecured WiFi networks as a way to deliver the malware to more devices.
Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application. It's unclear how long the exposure lasted or if bad actors accessed the data.
Although NIST's new privacy framework is agnostic toward any particular privacy law, "it gives organizations building blocks to help them meet any obligations under any particular law or jurisdiction" says Naomi Lefkovitz, a NIST senior privacy adviser.
Who's surprised Chinese military hackers allegedly hacked Equifax? For a foreign power that continues to attempt to amass personal information on its adversaries, targeting a business that gets rich by buying and selling Americans' personal data remains an obvious play.
Four members of China's People's Liberation Army have been indicted for allegedly hacking Equifax in 2017 and stealing the personal data of over 145 million Americans as well as a vast trove of the company's trade secrets and intellectual property, the U.S. Justice Department announced Monday.
Canada's privacy commissioner is taking Facebook to court to try to force the social network to make specific changes to its privacy practices. The regulator has no power to issue fines or binding orders, meaning it must petition the federal court to force Facebook to make changes.
Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush?
Over the weekend, an extensive disruption to Iran's telecommunication networks knocked out about 25 percent of the country's internet service for several hours, according to NetBlocks, which tracks internet freedom across the globe.
Which cybersecurity topics are hot? One topical answer to that question comes via the upcoming RSA Conference 2020. Organizers say they received 2,400 responses to their call for speakers, and they've have highlighted 10 predominant themes, including secure design, frameworks, privacy and the human element.
As healthcare providers around the world prepare to deal with potential cases of the novel coronavirus, U.S. regulators are reminding organizations about their HIPAA compliance duties involving patient privacy, including permitted data disclosures for public health activities.