McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
With ransomware attackers having already launched attack code with themes ranging from horror movies and Pokemon to Hitler to cats, it was only a matter of time before they decided to beam Star Trek's Kirk and Spock direct to would-be victims' PCs.
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
Vice President Mike Pence used a personal AOL email account while governor of Indiana to conduct official business, and his account was hacked. Live by the private email account, die by the private email account?
For any of the tens of thousands of organization that may be smarting from this week's Amazon Web Services and Simple Storage Solution (S3) outage, take the following advice to heart: "You must kill your darlings."
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
Risk analysis is at the core of most card fraud prevention platforms used today, says Carol Alexander of CA Technologies. But what if the industry could take the lessons it's learned to other channels, enabling banking institutions to more readily identify potentially fraudulent transactions before they happen?
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
InterContinental Hotels Group is warning customers that malware infected point-of-sale devices at a dozen of its hotel restaurants and bars in North America and the Caribbean for up to four months in 2016. But it's unclear if the breach ties to reported exploits involving POS service providers.
An overlooked security setting on Twitter may have allowed a hacker to guess the password-reset email addresses tied to accounts used by President Donald Trump, first lady Melania Trump, Vice President Mike Pence plus a top adviser. What's the risk?
Say hello to Fruitfly, the first piece of Mac malware to be discovered this year. The two-year-old malicious code is odd - it includes code that dates from the late 1990s - and appears to be designed to exploit biomedical institutions via targeted attacks.