Brisbane-based retail group Eagers Automotive is investigating a cyberattack that disrupted parts of its regional operations and compromised the personal information of some of its customers. Eagers said Tuesday it doesn't know the full extent of the hack, but it has started notifying customers.
In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Ransomware, emerging AI technology and nation-state campaigns are among the top threats.
A previously undiscovered critical exploit can allow threat actors to gain persistent, unauthorized access to Google services and connected accounts even after users have changed their passwords, cybersecurity researchers warn. They said the flaw enables hackers to manipulate the OAuth 2 protocol.
In this weekly update, four editors at Information Security Media Group delve into key 2023 cybersecurity issues, spotlighting efforts by the Biden administration, proposed U.S. healthcare cybersecurity laws, and crucial upcoming dates for the information security community.
Educational institutions are prime targets for ransomware and other cyberattacks due to their open nature and troves of sensitive data, requiring continuous investment in cyber defenses and strong security practices, said Steve Zuromski, CIO at Bridgewater State University in Massachusetts.
Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
All has not been quiet on the malicious cybersecurity front this year, thanks to constant cybercrime innovation, cyberattacks and cyberespionage, and malicious or inadvertent data breaches. Here are 12 notable incidents and trends of 2023 and their implications for the bigger cybersecurity picture.
Scammers are stealing hotels' log-in credentials for online travel site Booking.com and targeting their customers, experts warn. In many cases, attackers use Booking's own messaging system to contact customers and request their payment card data, they say.
Researchers have discovered an underground offering with the codename "Prolific Puma," which since 2020 has been the "largest and most dynamic" cybercrime link-shortening service on the market. Attackers use it to better target victims with phishing campaigns, scams and malware.
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
A financially motivated criminal syndicate that mainly operates in Telegram and underground forums has expanded its criminal arsenal to deploy ransomware and other intrusion capabilities on various cloud applications, warn Mandiant researchers.
Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. Today's off-the-shelf software is falling short, the agency said.
With the rampant surge of fraudulent schemes hitting the world at the moment - including the creation of fake cryptocurrencies, bank websites and investment scams - a more dynamic and holistic approach to detection and prevention is mission-critical for banks and regulators.
Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.