A recent incident involving a chronic care management company spotlights how paying a ransom to recover decryption keys from ransomware attackers can put sensitive data at additional risk. Security experts offer insights on how to prepare for the many challenges posed by attacks.
Plaintiffs in a class action suit against Premera Blue Cross allege the company willfully destroyed a computer that may have shown that attackers actually removed data from its systems during a 2014 intrusion. Premera contends the computer, dubbed A23567-D, was "unintentionally" tagged end of life and destroyed.
The EU's General Data Protection Regulation, which has tough breach notification requirements, is spurring global interest in technologies to help prevent insider breaches, says Tony Pepper of Egress Software Technologies.
Nearly one-third of U.S. banking consumers use online and mobile fintech apps to help manage their money. But those users are concerned about data privacy and want more control over the financial data their apps can access, says David Fortney of The Clearing House, who reviews the results of a survey.
The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security.
Does social media fuel toxic politics and racial tension? We're still in the early of days of understanding the long-term effects of social media on society, but the early signs aren't good. It's time for social networks to take moral responsibility for content on their networks - even if they don't want it.
It's less than 10 weeks until your country's elections; do you know where your government's information warfare defenses and election security strategy are? The FBI says it's moving to counter information operations, while DHS is bolstering election security. But will it be enough?
Police in Shanghai are investigating the apparent loss of 130 million customers' personal details from Huazhu Hotels Group. The data exposure may trace to the Chinese hotel group's developers accidentally uploading to GitHub access credentials for a production database.
Microsoft appears set to patch a zero-day local privilege escalation vulnerability after a researcher published proof-of-concept exploit code for the flaw. That's a relatively rare turn of events these days, owing to Microsoft's bug bounty program rules.
Three months after the EU's General Data Protection Regulation went into full effect, the U.K.'s data privacy watchdog says that the number of data protection complaints it has received from individuals has nearly doubled.
Spain's central bank says its website was intermittently offline as it struggled to repel a distributed denial-of-service attack. The temporary disruption is a reminder "stresser/booter" DDoS-on-demand services remain inexpensive, easy to procure and often effective.
Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.