Several e-commerce sites were targeted with a card skimming campaign that used the Salesforce-owned Heroku cloud platform to host skimmer infrastructure and stolen credit card data, according to a new report from the security firm Malwarebytes.
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to Blackberry Cylance. Analysts have observed evidence of the threat actors attempting to deliver ransomware with the 'PyXie' Trojan.
This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
Google has directly warned more than 12,000 users across 149 countries that they have been targeted by government-backed hackers. Google says the attack attempts occurred in the third quarter of this year and targeted users of such services as Gmail, Drive and YouTube.
South Korean cryptocurrency exchange Upbit says hackers have stolen $49 million worth of ethereum, in what is the year's seventh major cryptocurrency heist. Much of the $158 million stolen so far this year is likely fueling the North Korean regime's appetite for luxury goods and weapons of mass destruction.
Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.
Cloud solutions, the mobile workforce, the skills gap - these are among the security impacts that don't get enough attention when discussing digital transformation. David Ryder of Avast Business opens up on these topics.