Make sure your Amazon S3 buckets have no holes. A California vehicle financing company has learned the hard way after exposing up to 1 million records online related to auto loan holders, according to a researcher's report.
An analysis on why small businesses are increasingly being targeted by hackers leads the latest edition of the ISMG Security Report. Also, potential medical device hacks pose risk to patients, and payment fraud evolves as the threat landscape intensifies.
So far this year, we've seen heightened tensions between the U.S. and adversaries in Russia, North Korea and Iran. How do these tensions manifest on the cyber stage? Tom Kellermann of Strategic Cyber Ventures talks about the cyberwar risks brewing below the surface.
In an in-depth interview, Verizon's Ashish Thapar analyzes the results of the company's latest Data Breach Investigations Report, noting, for example, the spread of cyberespionage in several sectors worldwide. He also shares insights on effective mitigation strategies.
The ISMG Security Report leads with an analysis of how tactics used by Kremlin-tied actors to target political groups in France, Germany and the U.S. to influence foreign elections could be employed to damage the reputation of businesses.
Interpol, working with countries and security vendors, says it has uncovered 270 websites - including some government portals - compromised by malware. In some instances, the websites contained personal data of citizens.
Two men have pleaded guilty to hacking London-based telecommunications giant TalkTalk in 2015. Police say one of the men boasted in social media account chats about wiping and encrypting his hard drives, as well as taking part in the hack attack.
The purported hacking of computers of French presidential candidate Emmanuel Macron, by the same Russian group that targeted Hillary Clinton's campaign, signifies an expansion of the goals of the attackers that extend beyond trying to influence the outcome of Western elections.
In the wake of fraud reports, Blowout Cards has issued a security alert to customers, warning that an attacker hacked its website and installed a PHP file designed to skim payment card details at the time of purchase.
Word that President Donald Trump's cybersecurity executive order could be unveiled in days leads the latest edition of the ISMG Security Report. Also, large Australian companies anticipate rise in information security risk.
President Donald Trump last week failed to meet a self-imposed, 90-day deadline to issue a report on "hacking defenses." But let's not nit-pick. After all, cybersecurity is complex - something the president is likely discovering along with healthcare and tax reform.
Free advice for breached businesses: Once you admit that you've suffered a data breach or that you're investigating a security incident, disseminate that message far and wide so no one can accuse you of trying to cover it up. That's the lesson from an incident at BlowOut Cards, a sports card trading site.