The breach of porn site Brazzers - which allows users to swap fantasies in online forums - begs the question of how many users employed throwaway usernames and passwords. Some 1,446 U.S. military and 41 U.S. government email addresses were found in the data dump.
If Russia is, indeed, meddling with the U.S. election, there's an obvious explanation: It's irritated by U.S. policy. But if Russia's frustration is being expressed through cyberattacks, how can the U.S. respond?
Based on Lockheed Martin's experience in the aftermath of a data breach, the company advises organizations to diligently gather threat intelligence internally to support development of an effective mitigation strategy, says Chris Coryea, cyber intelligence specialist.
Tens of thousands of Cisco Adaptive Security Appliance devices remain vulnerable to a zero-day exploit released last month as part of the Equation Group toolset dump by Shadow Brokers, according to scans conducted by security firm Rapid7.
Web portal Rambler - likened by some to a Russian version of Yahoo - was reportedly hacked in 2012, resulting in the theft nearly 100 million user credentials. But the company disputes some aspects of the supposed breach.
Hutton Hotel says it failed to spot that its point-of-sale systems were compromised by malware for over three years. Separately, Noble House is now warning that its breach investigation uncovered 10 malware-infected hotels or restaurants.
Dear customer: "The security and privacy of your systems are our priority." Cue a new breach notification, this time from Lightspeed POS, which sells a cloud-based point-of-sale product used by 38,000 organizations.
The need for an adaptive security approach, the shift from breach prevention to detection and a surge in spending on information security were some of the key themes at the recent Gartner Security & Risk Management Summit in Mumbai.
A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.
In their quest for easy ways to extort victims into giving them bitcoins, cybercriminals continue to double down on crypto-ransomware attacks and increasingly target enterprises, seeking proportionally higher paydays.
To the annals of super-bad historical mega breaches that no one knew about, add two new entries: Dropbox and Last.fm. Hackers reportedly stole tens of millions of usernames and passwords from each in 2012.
Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
At least some of the alleged cybersecurity vulnerabilities in St. Jude Medical cardiac devices that were found by research firm MedSec Holdings don't necessarily translate to serious clinical risks for patients, says medical device security expert Kevin Fu.