The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud? Over the course of three paragraphs, Blackbaud normalizes hacking, congratulates its amazing cybersecurity team, and says it cares so much for its customers that it paid a ransom to attackers.
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.
If the first rule of combating attempted election interference by nation-states is to watch for when it's happening, where does that leave Britain? A scathing report from Parliament's Intelligence and Security Committee concludes that national security was likely trumped by Russian money.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
The U.S. Department of Justice has charged two Chinese nationals with hacking into the systems of hundreds of organizations in the U.S. and abroad. The suspects' activities allegedly included probing for vulnerabilities in systems at companies developing COVID-19 vaccines, treatments and testing tech.
Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.
A federal judge has ruled that Facebook's lawsuit against NSO Group - alleging that the Israeli company illegally developed a zero-day exploit to spy on WhatsApp users - can proceed.
Europe's highest court has invalidated the Privacy Shield, a data-sharing agreement between the EU and U.S., on the grounds that the U.S. offers insufficient protection for Europeans' privacy rights. Privacy advocates say the ruling should drive the U.S. to rethink its policies.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.