Cybersecurity pros think the enemy is winning

Credit to Author: Joan Goodchild| Date: Tue, 11 Jun 2019 15:00:00 +0000

Recent research from Malwarebytes, ISSA, and ESG find that security professionals have little confidence in their ability to prevent their organization from being breached. What’s behind this mindset? And how can we turn the tide to stay a step ahead of the criminals?

Categories:

Tags:

(Read more…)

The post Cybersecurity pros think the enemy is winning appeared first on Malwarebytes Labs.

Read more

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Credit to Author: BrianKrebs| Date: Tue, 04 Jun 2019 21:45:59 +0000

Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients. Just a few days ago, the news was all about how Quest had suffered a major breach. But today’s disclosure by LabCorp. suggests we are nowhere near done hearing about other companies with millions of consumers victimized because of this incident: The AMCA is a New York company with a storied history of aggressively collecting debt for a broad range of businesses, including medical labs and hospitals, direct marketers, telecom companies, and state and local traffic/toll agencies.

Read more

NY Investigates Exposure of 885 Million Mortgage Documents

Credit to Author: BrianKrebs| Date: Fri, 31 May 2019 13:58:59 +0000

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. [NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.

Read more

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Credit to Author: BrianKrebs| Date: Fri, 24 May 2019 20:47:11 +0000

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.

Read more

What to do when you discover a data breach

Credit to Author: Pieter Arntz| Date: Tue, 07 May 2019 15:00:00 +0000

You’ve discovered that your organization has been breached. Now what? Learn which steps to take in the immediate aftermath to limit the damage and preserve your company’s reputation.

Categories:

Tags:

(Read more…)

The post What to do when you discover a data breach appeared first on Malwarebytes Labs.

Read more

What to do when you discover a data breach?

Credit to Author: Pieter Arntz| Date: Tue, 07 May 2019 15:00:00 +0000

You’ve discovered that your organization has been breached. Now what? Learn which steps to take in the immediate aftermath to limit the damage and preserve your company’s reputation.

Categories:

Tags:

(Read more…)

The post What to do when you discover a data breach? appeared first on Malwarebytes Labs.

Read more

Data: E-Retail Hacks More Lucrative Than Ever

Credit to Author: BrianKrebs| Date: Tue, 30 Apr 2019 20:13:03 +0000

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores.

Read more

How Not to Acknowledge a Data Breach

Credit to Author: BrianKrebs| Date: Wed, 17 Apr 2019 17:56:58 +0000

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it’s crystal clear that they wouldn’t know what to do with a breach if it bit them in the nose, let alone festered unmolested in some dark corner of their operations.

Read more

Experts: Breach at IT Outsourcing Giant Wipro

Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2019 21:19:55 +0000

Indian information technology (IT) outsourcing and consulting giant Wipro [NYSE:WIT] is investigating reports from multiple security experts that Wipro’s systems have been hacked and are being used to launch attacks against the company’s customers, multiple sources tell KrebsOnSecurity. The company has refused to respond to questions about the alleged incident.

Read more

A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

Credit to Author: BrianKrebs| Date: Fri, 29 Mar 2019 19:22:40 +0000

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands such as Earl of Sandwich and Planet Hollywood.

Read more

Ad Network Sizmek Probes Account Breach

Credit to Author: BrianKrebs| Date: Wed, 13 Mar 2019 20:56:39 +0000

Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s been known to sell access to hacked online accounts kicked off an auction for “the admin panel of a big American ad platform.” “You can add new users to the ad system, edit existing ones and ad offers,” the seller wrote. The starting bid was $800.

Read more