To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Kimpton Hotels & Restaurants is warning that all 62 of its hotels suffered a POS malware infection this year that resulted in the compromise of cardholder data. So far it's unclear if the attack relates to breaches of Oracle MICROS or other POS vendors.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
In an interview, Internet pioneer Vint Cerf says he sees a secure future for the network of networks he helped create four decades ago as the co-developer of TCP/IP, the protocol that facilitates internet communications.
Thai police say they have identified all of the suspects allegedly involved in recent "jackpotting" malware attacks against 21 ATMs, leading to the theft of 12 million baht ($350,000). The malware is a new strain called "Ripper," raising concerns for banks worldwide.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
Two hotel chains - Millennium and Noble House - are warning that they've suffered point-of-sale malware infections that compromised customers' payment card data. Both say they were alerted to related card fraud by the U.S. Secret Service. Could the breaches be tied to the Oracle MICROS breach?
A UAE-based activist targeted by a rare and valuable remote exploit for Apple's mobile software has caused concern over the continued sale of powerful spying tools to governments with poor human rights records.
Cisco has begun releasing updates for all ASA devices to patch them against a buffer overflow vulnerability that was targeted by leaked Equation Group attack tools. Attackers can exploit the flaw to gain remote control of ASA devices.
Australia's postal service is researching the use of the public cryptographic ledger known as blockchain for e-voting applications, but experts cast doubt on whether the approach would help resolve the many worries around internet voting.
If leading intelligence agencies can seemingly hack a wide variety of IT gear, what hope is there for enterprise security? Experts describe how organizations should respond to the recent dump of attack tools from the Equation Group, which is widely believed to be tied to the NSA.
Too often when organizations get shaken down by online criminals, they panic, and in the process make the predicament they're facing even worse, warns digital forensic investigator Ondrej Krehel in this video interview.
Ashley Madison, the extramarital online hookup service breached by attackers in 2015, has agreed to bolster its information security and data retention practices after regulators in Australia and Canada ruled that the site violated local privacy laws.