New cybersecurity legislation under consideration in Singapore would make it mandatory for owners of critical information infrastructure to report security breaches within hours and require cybersecurity vendors providing highly sensitive services to be licensed.
London-based health insurer Bupa Global is warning international policyholders that a breach affecting 547,000 customers - with data showing up on darknet marketplace AlphaBay for sale - traces to a now-former employee.
Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
Verizon has apologized to customers after a contractor failed to secure an Amazon Web Services S3 bucket, leading to the exposure of data relating to 6 million accounts. But it's unclear if Verizon plans to notify customers whose data and accounts might be at risk.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Personal details of over 100 million customers of Reliance Jio were apparently leaked and offered for sale on the dark web, according to news reports. The company says the data appears to be inauthentic and claims it has not been breached. But some customers contend they've verified the data's authenticity.
Trump Hotels is warning customers that payment card data at 14 of its properties was compromised during a seven-month breach that affected service-provider Sabre. Other affected chains include Hard Rock Hotel & Casino and Loews Hotels.
Kudos to the breached business - in this case, kiosk manufacturer Avanti Markets - that quickly alerts victims and gives them actionable information for protecting themselves. Unfortunately, not all breached businesses are so forthright, as some recent data leaks demonstrate.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.
If Microsoft was to offer deep discounts in India for its Windows 10 operating system, as the government is proposing, would that help reduce the security risks posed by the widespread use of pirated versions? Security experts offer their views on the impact.
Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.