There's data breach good news and bad news for organizations in Europe, the Middle East and Africa, says Mike Trevett of FireEye's Mandiant. In general, attackers are dwelling in networks for less time before being discovered, except for some particularly long-lasting breaches in EMEA.
The explosion in the growth and diversity of devices linked to networks as a result of the internet of things and BYOD makes it more challenging to manage network security, says Wallace Sann of ForeScout.
The anti-Kaspersky Lab rhetoric continues to heat up, with the European Parliament passing a motion that brands the Moscow-based firm's software as being "confirmed as malicious." In response, Kaspersky Lab has halted all work with European institutions, including Europol, pending clarification.
Nearly three weeks after human resources software vendor PageUp discovered malware on its system, the tally of what data was exposed remains unclear, although successful job applicants appear to have been hardest hit.
The U.K.'s Dixons Carphone is investigating a data breach that resulted in the suspected exposure of 5.9 million payment cards and nonfinancial information for 1.2 million customers. The incident could become the first U.K. breach to fall under the EU's General Data Protection Regulation.
Banco de Chile has become the latest victim of a SWIFT-related malware incident. Attackers first corrupted thousands of PCs' master boot records as a distraction. Then they used fraudulent SWIFT messages to steal $10 million.
As bitcoin continues its massive price fluctuations, a new report says criminals have continued their push to get extortion and ransom payments in more stable cryptocurrencies. But bitcoins remain a top target for hackers, who most often choose to directly target cryptocurrency exchanges.
PageUp, an HR software developer in Australia with clients worldwide, is warning that malware-wielding attackers may have accessed a raft of personal data stored in its systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February.
The U.S. Treasury Department announced Monday that it has imposed sanctions on five Russian organizations and three individuals, the latest move by the Trump administration in response to Russian cyberattacks.
South Korean cryptocurrency exchange Coinrail says hackers stole 30 percent of all of the cryptocurrency tokens it was storing, but many have been successfully frozen or recalled. Security experts say cryptocurrency exchanges remain poorly secured, so they're popular targets for hackers.
The Department of Homeland Security has issued two more alerts about cyber vulnerabilities in certain medical devices. The stream of recent advisories is helping to draw more attention to the importance of addressing device security. But healthcare providers face the challenge of tracking and mitigating all risks.
One day, organizations may be able to self-certify their GDPR compliance, says an official at the U.K.'s data privacy regulator. Regardless, experts recommend that organizations ensure they are focusing on continuous GDPR compliance and regularly testing their data breach response plans.