The California Consumer Privacy Act could cost companies in the state a total of $55 billion for initial compliance expenses, according to a new study prepared for the state attorney general's office. The landmark privacy legislation is slated to go into effect on Jan. 1, 2020.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Rather than focusing solely on rankings offered by the common vulnerability scoring system, or CVSS, when setting priorities for risk mitigation, organizations need to size up the specific potential risks that vulnerabilities pose to their critical assets, according to a new report from RiskSense.
Officials in New Zealand are investigating one or more data breaches at a healthcare provider that could have affected nearly 1 million patients. While the most recent cyber intrusion was discovered in August, it appears that attackers began accessing the Tū Ora Compass Health network as early as 2016.
Microsoft says that over the past two months, a hacking group apparently linked to Iran targeted email accounts associated with the campaign of one 2020 U.S. presidential candidate, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran.
A Nigerian man charged with helping to run a $1 million phishing scheme that targeted the Government Services Administration and other agencies has been extradited to the U.S., where he has pleaded not guilty to a wire fraud charge, according to the Justice Department.
Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks. But cybercrime attackers are increasingly running targeted campaigns, security researchers warn.
Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., U.K. and Australia are asking Facebook to ensure law enforcement can access messages.
More than 600 ransomware attacks pummelled local governments, schools districts and healthcare providers across the U.S. in the first three quarters of this year, according to a study by security firm Emsisoft. Meanwhile, the FBI this week issued a fresh warning about the threat.
Ransomware crime reports are up 300 percent in Toronto, but it's not just the frequency of crimes that is a concern - it's the complexity, says Kenrick Bagnall, detective constable with the Toronto Police Service.
Connected devices - the sheer number of them and the scale of the cybersecurity risks they pose - are a top concern in 2020 and beyond, says Robert Falzon of Check Point Software Technologies, who weighs in on the threats and technologies he's watching.