The Reserve Bank of New Zealand disclosed Sunday that hackers infiltrated its network after compromising its file-sharing system from Accellion. The nation's central bank says the attack may have exposed commercial and consumer information, and other Accellion customers also had systems compromised.
JusPay, an Indian online payment platform, acknowledged Monday that it sustained a major breach of customer data in August. The announcement came a day after an independent security researcher reported that data on millions of JusPay customers had been offered for sale on a darknet forum.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
The latest edition of the ISMG Security Report features an analysis of what we know so far about the impact of the SolarWinds supply chain hack and how to respond.
The latest edition of the ISMG Security Report features an analysis of why the FireEye breach is a wake-up call for the cybersecurity industry. Also featured: Monero cryptocurrency scams; key considerations for cloud security.
FireEye's disclosure this week of the theft of its penetration testing tools - and its proactive response - has drawn praise but raised many questions, as well.
The European Medicines Agency, which helps evaluate and authorize medicines and vaccines in the EU, says it's investigating a cyberattack. The agency is working on approval of two COVID-19 vaccines.
FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware and request payment.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including such employee information as Social Security numbers and financial account numbers.
Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company previously has had issues with unauthorized access.
A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year. It's unclear if a recent ransomware attack is related.
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.