Department store chains Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor have suffered a data breach that apparently exposed details on 5 million payment cards. Cybersecurity firm Gemini Advisory says the JokerStash syndicate - aka Carbanak gang - is selling the stolen card data.
What impact with the Facebook data privacy controversy have on the social media company, and other tech giants, eventually competing with banks? James Wester of IDC sizes up the open banking implications.
Vendor risk management is becoming more critical as companies rely more on partners who have access to payment card data and other sensitive information, says Ramon Lipparoni, IT integration manager at ComAir, a South African airline. One critical step, he says, is conducting impromptu vendor audits.
Hackers have reportedly compromised over one lakh resumes uploaded on Naukri.com, an India-based job portal. A preliminary investigation has revealed that the IP address of the laptop used for the hacking was from Nigeria, according to the Deccan Herald.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
As mobile payments continue to grow in South Africa, it's important that application developers build security into their apps and correctly implement tokenization standards, says Jeremy King, international director of the PCI Security Standards Council.
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
Ecuador's embassy in London has again revoked internet access for seven-year houseguest Julian Assange, saying the WikiLeaks chief violated an agreement to not interfere in other countries' matters. WikiLeaks' star has continued to fall since it's been revealed to be an apparent Russian stooge.
India's Haryana Power Corporation has confirmed that a hacker cryptolocked its billing system, demanding a ransom in exchange for the decryption key. The organization says it has refused to pay. The attack is a reminder that the power sector continues to be targeted by hackers.
Five days after a ransomware outbreak crypto-locked city systems, Atlanta has advised its 8,000 employees that they can once again boot their PCs and printers. But information security experts warn that the city's infrastructure still appears to have easily exploitable misconfigurations.
Ransomware isn't an easy area to study. But a team of researchers has calculated the minimum paid by all ransomware victims over a two-year period, and found that nearly 75 percent of the bitcoins attackers received got funneled onto Russia's now-shuttered BTC-e cryptocurrency exchange.
The alleged leader of a cybercrime gang tied to more than $1 billion in losses has been arrested in Alicante, Spain. Authorities say "Denis K." is a Ukrainian national who led a gang that developed Carbanak and Cobalt malware to infect PCs as well as perpetrate ATM jackpotting attacks.