A batch of documents meant to be kept under court seal lays bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.
Thousands of emails from four senior aides within the National Republican Congressional Committee were exposed after their accounts were compromised for several months earlier this year, Politico reports. Few details have been released about the incident, which was investigated by Crowdstrike.
To combat cyberattacks, more nations must not only hold nation-state attackers accountable, but also better cooperate by backing each other's attribution, said Estonian politician Marina Kaljurand, who chairs the Global Commission on the Stability of Cyberspace, in her opening keynote speech at Black Hat Europe 2018.
Next to corporate communications that claim that "your security is important to us," any website post titled "security update" portends bad news. So too for question-and-answer site Quora, which says a hack exposed 100 million users' personal details, including hashed passwords and private content.
The Black Hat Europe information security conference returns to London, featuring 40 research-rich sessions covering diverse topics, including politically motivated cyberattacks, recovering passwords from keyboards thanks to thermal emanations, hacking Microsoft Edge and detecting "deep fakes."
Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps.
Dell and Dunkin Donuts have both initiated password resets after experiencing separate security incidents aimed at gaining access to customer accounts. The impacts of the attacks, however, appear to be limited.
Organizations in all sectors struggle with mitigating the insider threat, but it's an acute concern in healthcare, where patients' lives are at stake. Pete Nourse of Veriato outlines specific threats to this sector.
In the latest edition of the ISMG Security Report, hear prosecutors discuss the indictments of two Iranians in connection with SamSam ransomware attacks. Also: Updates on allegations that Google is violating GDPR and cryptocurrency's impact on crime trends.
A federal grand jury has indicted two Iranians for allegedly waging SamSam ransomware attacks on more than 200 entities, including Atlanta and other municipalities and six healthcare organizations. They collected $6 million in ransoms and caused more than $30 million in losses to victims, U.S. prosecutors allege.
The U.S. Department of Justice says eight individuals have been indicted - and three of them arrested abroad - as part of a multiyear FBI investigation into gangs that allegedly perpetrated digital advertising fraud via the Methbot and 3ve schemes.
A British lawmaker has obtained sealed U.S. court documents to reveal internal Facebook discussions about data security and privacy controls, as Parliament probes Facebook and other social media firms as well as Russian interference and fake news.
Cryptocurrency offers both immediacy and anonymity - traits that are attractive to threat actors looking to exploit organizations via ransomware or cryptomining. Laurence Pitt of Juniper Networks discusses why healthcare entities are uniquely vulnerable.
Amazon has blamed a technical error for its inadvertent exposure of some customers' names and email addresses online. The online retailing giant maintains that its systems were not breached. It says it's sent an email notification to all affected customers and that the problem has been fixed.
Cybercrime gangs continue to update or issue fresh versions of malware to mine for cryptocurrency, deliver crypto-locking ransomware, steal passwords and facilitate online bank account heists, according to new research reports.