A ransomware attack has held London-based foreign currency exchange firm Travelex hostage since New Year's Day, the company confirmed Tuesday. It appears that the Sodinokibi group is behind the attack and is asking for millions from the company.
The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption.
Complex, manual processes and disparate, disconnected tools make it difficult for security and IT teams to mount a cohesive response. Bryce Schroeder of ServiceNow discusses a more effective approach to vulnerability response.
Although the government's latest revised draft of India's proposed data protection bill is drawing harsh criticism, the nation will eventually adopt a measure that adequately addresses privacy issues and evolves over time, predicts Maninder Bharadwaj, partner, risk advisory, at Deloitte.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
Accenture plans to buy the former Symantec Cyber Security Services business from Broadcom for an undisclosed sum, the two companies announced Tuesday. The deal comes only five months after Broadcom paid $10.7 billion for Symantec's entire enterprise security division.
In the wake of the killing of an Iranian general in a U.S. drone attack last week, organizations - especially healthcare entities and units of government that have been vulnerable to ransomware attacks - need to be on guard against destructive "wiper" attacks, says Caleb Barlow of CynergisTek.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
In a video interview, Justice B.N. Srikrishna, chairman of India's Data Protection Committee, explains why he's disappointed with the revised draft of a data protection bill, which he says diluted most of the provisions that the committee had proposed.
The DHS says the defacement of a U.S. government website over the weekend is not linked to Iranian state-sponsored actors. Attackers posted a pro-Iran message with a photo of President Donald Trump being punched in the face. The website, belonging to the Federal Depository Library Program, is now offline.
"Data sovereignty is required for the growth of the country, and as data is the new oil, we would like to preserve it appropriately and in a secure manner within the country, which can be used for the betterment of the country," says Bharat Pancha of FIS Global, in support of data localization in India.
A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street Journal investigation on Monday has revealed new companies affected by Cloud Hopper attacks.
While Congress is unlikely to pass major new national cybersecurity legislation in an election year, federal regulators and state attorneys general will be busy addressing evolving health data privacy and security issues in 2020, predicts attorney Marcus Christian of the law firm Mayer Brown.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.