Research and advisory firm Gartner estimated that nearly 75% of CEOs will be personally liable for the financial impact due to the growing Cyber-Physical System attacks by 2024.
It also predicted that incidents will increase in the coming years due to lack of focus and investment in cybersecurity.
Capital One has agreed to pay an $80 million fine to U.S. regulators over a major hacking incident last year in which authorities say about 100 million credit card applications were illegally accessed.
Garmin, an American multinational technology company specializing in GPS, is said to be reeling under a ransomware cyber attack, and so the website Garmin.com and the company's fitness tracking app, Garmin Connect, have been inaccessible to users since 11:33 PM of July 22nd, 2020.
A disturbing new development in Tokopedia’s massive user data leak has been reported, with a cyber security firm finding evidence that 91 million users’ private information was put up online over the weekend.
Hackers from North Korea have been stealing payment card information from customers of large retailers in the U.S. and Europe for at least a year, reveals new research released today.
KELA, a darknet intelligence firm, discovered that a hacker group, “KelvinSecurity”, compromised the personal information of 384,319 BMW customers in the U.K. and put it up for sale on various darknet forums, SC Magazine reported.
U.S. startup Algolia, which offers a web search product through a SaaS (Search-as-a-Service) model to more than 9,000 customers, this week revealed that it too was hit via the Salt vulnerability over the weekend.
The vulnerability only occurs if the Salt software is exposed to the Internet. A week ago, there were roughly 6,000 instances of exposed Salt masters.
SBTech mentions a “cybersecurity incident” that took place on March 27, shortly after Diamond Eagle Acquisition Corporation (DEAC) agreed to acquire the firm and rival platform DraftKings with plans to merge the two later this year.
The company has set aside up to $100 million to fix a mess left when a cybersecurity incident hit right in the midst of a merger.
It's now been revealed it was a ransomware cyber-attack, in which files are scrambled until a ransom is paid, which is being investigated by the National Crime Agency.
And the council has also confirmed the attack could delay children in finding out which secondary school they'll go to.
Researchers at NinTechNet reported an ongoing campaign, observed in the past hours, that is actively exploiting a zero-day flaw in the WordPress Flexible Checkout Fields for WooCommerce plugin.
The plugin has over 20,000 active installations.
A local authority in the north-east of England appears to have suffered a major ransomware attack, leaving online public services down for 135,000 locals, for over a week.
The Auckland-based company – which provides savings funds as part of the government-run KiwiSaver scheme – disclosed that an unauthorized third party had gained access to its online application system.
Cybercrooks maintained access to savings company’s application system for a month.
The Russian security expert Vladislav Yarmak has published technical details about a backdoor mechanism he discovered in HiSilicon-based products.
HiSilicon is the largest domestic designer of integrated circuits in China; its chips are used by millions of IoT devices worldwide, including security cameras, DVRs, and NVRs.
This goes to show how easy it is to target even top-level people, and that they need to improve their security practices. Bezos’ phone was hacked and he had to endure personal and financial loss as he kept his individual and business data on the same phone.
The exposed servers contained roughly 250 million entries, with information such as email addresses, IP addresses, and support case details. Microsoft said that most of the records didn't contain any personal user information.
Researchers set up a honeypot to monitor what cyber criminals are doing when they target industrial environments.
Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware. The actors were demanding a ransom of close to $500,000 in exchange for a decryptor for the network. Sodinokibi has also started to publicly leak the stolen data of victims if a ransom is not paid.
Bulgaria’s finance minister apologized to the country on Tuesday after admitting hackers had stolen millions of taxpayers’ financial data in an attack that one researcher said may have compromised nearly every adult’s personal records.
The breach of servers at the tax agency (NRA) happened at the end of June and an official there said it was probably carried out from abroad. A person claiming to be a Russian hacker emailed local media on Monday offering access to the stolen data.
Analysis shows insured business interruption losses from a cyber catastrophe could reach an estimated $3.25 billion.
Researchers analyzed a total of 41,686 security incidents, of which there were 2,013 data breaches, for the publication. More than half (52 percent) of those reported breaches involved some form of hacking.
Ponemon Institute’s research stated that in 2018, the survey respondents spent an average of $1.43 million because of the damage or theft of IT assets. They also pegged the average cost of a breach at $3.5 million – an increase of 6.4% over the previous year. Do not wait to be a company that will make a reactionary change in a bad situation; be the company that is proactive, and addresses the challenges and risks head-on.
UK and US businesses are still leaving their doors wide open to cyber attacks, despite significant security investments and focus, according to a report based on an independent survey of 300 operational IT decision-makers and 300 security IT decision-makers.
60% of responders said they have experienced a serious security breach in the past two years, with 31% saying this has happened more than once.
vpnMentor’s research team discovered a hack affecting 80 million US households, and the incident is still actively leaking data. Researchers discovered an unprotected database impacting up to 65% of US households. The 24 GB database includes the number of people living in each household with their full names, their marital status, income bracket, age, and more.
The FBI's Internet Crime Complaint Center (IC3) in 2018 received 351,936 complaints of Internet-related crimes and scams that amassed some $2.7 billion in financial losses.
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the latest RiskSense report.
US healthcare firm EmCare Inc disclosed that a number of employees’ email accounts had been accessed, potentially exposing personal information of almost 60,000 people, including 31,000 patients.
A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall.
The hacker listed personal data from many breached companies including Dubsmash, Armor Games, 500px, Whitepages, Evite, Mindjolt, iCracked, Moda Operandi, and ShareThis.
A new survey offers a chilling, if unsurprising, view of cybersecurity. Many people believe CTOs and CIOs of breached companies should be fired.
Figures for 2017 suggest 16.7 million Americans had their identities stolen. It can only have been much worse in 2018.
Sophos worked with market research company Vanson Bourne to survey 3,100 IT managers across the globe. The survey covered companies in 12 countries, and quizzed organizations with as few as 100 users and as many as 5,000, finding that 68% of companies had been hit by a cyberattack in the last year.
The reason surfaced quickly enough; companies can’t see what’s happening on their endpoint devices. It leaves them struggling to prevent attacks or even to know how and when they happened.
The General Data Protection Regulation (GDPR) officially went into effect across the European Union on May 25, 2018. Since then, more than 59,000 personal breaches have been reported to regulators.
Failure to comply with GDPR can cost fines up to €10 million ($11.4 million) or up to 2% of the firm's global annual turnover for the previous financial year – whichever is higher.
Duke Energy, a US energy company, received a $10 million fine from the North American Electric Reliability Corporation (NERC) for nearly 130 violations of the Critical Infrastructure Protection (CIP) standards.
The list of issues includes improperly configured firewalls and intrusion detection systems; failure to implement proper physical access controls; failure to install available software patches for months and even years; failure to implement security event monitoring; shared passwords, default accounts and other account management issues; and failure to protect bulk electric system (BES) information.
The Data Privacy Benchmark Study shows that organizations that have invested in customer privacy requirements, mainly to become GDPR compliant and to avoid fines and penalties, are seeing some benefits beyond GDPR compliance.
The number of organizations that have reported sales delays due to data privacy concerns has increased to 87%, from 66% in the previous year. However, Cisco found that sales delays were 1-2 weeks shorter in the case of GDPR-ready organizations, compared to ones that expect to become compliant within a year or more.
Sword GRC canvassed almost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the biggest risk to business by a quarter of organizations.
Internet security researcher Troy Hunt has discovered the largest collection of breached data, comprising more than 770 million unique email addresses and more than 21 million unique passwords.
“People take lists like these that contain our email addresses and passwords then they attempt to see where else they work,” he said.
The success of this approach is predicated on the fact that people reuse the same credentials on multiple services.