About 210 websites of central and state government departments in India were displaying personal details and Aadhaar numbers of beneficiaries. Security experts are questioning why auditors did not detect problems that led to the data leakage and say it's time to take strong action against faulty auditors.
It's boom time for the ransomware business as criminals continue to make easy cryptocurrency paydays via crypto-locking attacks. AlienVault's Javvad Malik and Chris Doman detail how crowdsourced threat intelligence can help in the fight against this threat.
Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.
Hollywood loves to portray hackers as wunderkinds with such exceptional cybercrime mojo that they can hack or crack anything. But as the AlphaBay takedown demonstrates, a simple mistake - reusing a Hotmail address - led to the administrator's arrest and the site's downfall.
A deep dive into the takedowns of AlphaBay and Hansa, and their impact on the secretive illicit darknet marketplace, leads the latest edition of the ISMG Security Report. Also, a puzzling breach at Ricoh Australia.
The FBI and Europol announced that they've jointly shuttered the world's two biggest darknet marketplaces, AlphaBay and Hansa, which were responsible for more than 10 times the volume of sales as the notorious Silk Road marketplace.
Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
AusCERT is one of the oldest CERT's in the world, and Phil Cole says the independent organization is now laser-focused on helping enterprises across sectors to fundamentally improve their strategies and solutions for incident response.
Russian citizen Mark Vartanyan, aka "Kolypto," has been sentenced to serve five years in U.S. prison after he pleaded guilty to helping develop and distribute the notorious banking Trojan called Citadel.
Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.
Ricoh's Australia office has notified banks, government agencies, universities and many large businesses about a curious data breach that, in some cases, exposed login credentials for its multifunction devices.
Fighting a well-established cyber underground churning out increasingly complex malware requires that defenders change tactics to make it far more difficult for attackers to succeed, says Sajan Paul of Juniper Networks.
Dow Jones is blaming user error for an Amazon Web Services S3 bucket misconfiguration that exposed data on about 2.2 million customers. In recent months, Verizon, WWE, Scottrade and a data analytics firm aligned with the Republican Party have been similarly caught out.