Canadian Sebastien Vachon-Desjardins received a 20 year prison sentence from a U.S. judge based in Florida after coping to four felonies stemming from a stint as an affiliate of the NetWalker ransomware-as-a-service gang. “This is Jesse James meets the 21st century," said Judge William F. Jung.
A claim Wednesday by high-profile security researcher Kevin Beaumont that video doorbell manufacturer Ring was experiencing a security issue sent Twitter atwitter. Amazon says some users experienced logon issues due to a backend system error made during a routine system update.
A U.S. federal jury found Joe Sullivan, former chief security officer of Uber, guilty of covering up a 2016 data breach that exposed the personal information of tens of millions of account holders. The trial was a landmark, likely marking the first time a chief security officer has faced criminal charges over an...
A cybersecurity incident at Chicago-based CommonSpirit Health, a system of 1,500 healthcare sites across 21 states and one of the nation’s largest nonprofit healthcare systems, is disrupting medical care after the healthcare system took offline some of its electronic health records systems.
A cryptocurrency thief is hacking into other scammers' fraudulent liquidity mining websites to reach directly into the digital wallets of victims. The threat actor, dubbed "Water Labbu" by Trend Micro, has so far filched 316,728 USDT and infected 45 fraudulent decentralized applications.
Paige Thompson, the Capital One hacker known as "erratic," was sentenced to time served and five years of probation following her June conviction in U.S. federal court. The five-time felon exploited a weakness in web application firewalls on AWS accounts to steal data of 100 million individuals.
A hacker exploited a smart contract bug to steal about $29 million from DEX aggregator Transit Finance. Within hours of the theft, the attacker returned nearly $19 million - but not before keeping a $2 million "bug bounty" and losing $1.1 million to a bot theft.
Passwords are supported everywhere. But, says Andrew Shikiar, executive director of the FIDO Alliance, "they have been proven time and time again to simply be unfit for today's networked economy." In this episode of "Cybersecurity Unplugged," Shikiar discusses how to move beyond passwords.
North Korea is using weaponized versions of open-source utilities to spy on the technology, defense and entertainment sectors worldwide. Microsoft says it spotted fake profiles of supposed job recruiters who really are Pyongyang hackers manipulating victims into downloading Trojans.
Hackers, possibly Chinese, are exploiting Microsoft Exchange zero-day vulnerabilities to apparently implant backdoors and steal credentials. The computing giant says it doesn't yet have a patch, telling systems administrators to instead implement workarounds.
The transition to PCI DSS v4.0 is a major inflection point for the payments industry – not only does it restructure how risk is assessed, but it also provides a better foundation for meeting ongoing technical innovation. While organizations with mature programs may need comparatively little uplift, all organizations...
Over his 23-year career in cybersecurity, Tom Kellermann has focused on policy, endpoints and even strategic investments. Now, in his new role as senior vice president of cyber strategy at Contrast Security, his mission is to protect code security - particularly in the public and financial sectors.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
The latest edition of the ISMG Security Report discusses what went wrong for Optus in the wake of one of Australia's biggest data breach incidents, the state of code security today and the growing trend of private equity firms pursuing take-private deals.
American Airlines says unauthorized access to its email system is behind a July data breach incident affecting more than 1,700 individuals. Someone synced with an employee's inbox to send out phishing emails that appeared to come from the Texas-based airliner.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
