Three banking trade groups are objecting to provisions of a bill now pending in Congress that would require security incident reporting within 24 hours of discovery. They also are raising concerns about other provisions.
It's unlikely that the U.S. abandoning its embassy and other facilities in Afghanistan poses cyber risks, thanks to the emergency planning that was already in place, some security experts say.
FireEye researchers and CISA are warning about a critical vulnerability that could allow an attacker to gain remote access to compromised IoT devices, such as connected security cameras, according to a report. The flaw could affect millions of connected devices.
T-Mobile USA has confirmed that attackers accessed its computer systems, but the mobile communications provider is still investigating whether customers' personal data was exposed. Cybercrime experts say the attackers apparently involved have been tied to previous crimes targeting telecommunications since at least...
Scientists from the University of Maryland and the University of Colorado Boulder say they have discovered a new way that attackers could launch reflected denial-of-service amplification attacks over TCP by abusing middleboxes and censorship infrastructure.
A group of cybersecurity professionals has launched Respect in Security to take a stand against all forms of harassment within the industry. Initiative co-founders Lisa Forte and Rik Ferguson describe their commitment to creating workplaces free from harassment and fear.
When is a data exposure not just a data exposure? According to a U.S. Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords.
The FFIEC has issued updated guidance advising banks to use stronger access controls and multifactor authentication. Some experts call the update "long overdue."
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
Fraudulent emails portrayed as coming from the Financial Industry Regulatory Authority, a not-for-profit organization that oversees brokerage firms and exchange markets in the U.S., are asking member firms to provide information or face penalties, FINRA warns.
T-Mobile USA says it is investigating a claim that as many as 100 million accounts may have been compromised in a data breach. The person who claims responsibility for the alleged breach says T-Mobile misconfigured a Gateway GPRS Support Node.
Joshua Brown, who recently took over as global CISO for H&R Block, has started tackling issues ranging from creating metrics for the security team to deploying "zero trust." Brown is striving to create an inclusive team to reflect the firm's values.
The London High Court has ordered the cryptocurrency exchange Binance to attempt to identify and freeze accounts belonging to the attackers who allegedly stole about $2.6 million from U.K.-based Fetch.ai.
Gökhan Yalçın, CISO of Turkey's Yapı Kredi Bank, says integral training for his role has included not just learning how to defend bank networks but also stints working for security vendors as a consultant supporting different sectors, which helped sharpen both his technical and nontechnical skills.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.