Blackbaud is one of a growing number of organizations that say they paid ransomware attackers primarily for their promise to delete exfiltrated data. A class action lawsuit filed against the software vendor in the wake of its breach notification questions whether attackers' promises have any merit.
A global phishing campaign that purports to offer information about surgical masks and other personal protective equipment for use during the COVID-19 pandemic is infecting victims' devices with the AgentTesla remote access Trojan, according to researchers at Area 1 Security.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
About 54,000 Australian driver's licenses were exposed in an open Amazon Simple Storage Service bucket, according to a security researcher. It remains unclear what entity or agency exposed the data and whether those affected will be notified.
A former Cisco engineer has pleaded guilty to causing $1.4 million in damages to his former employer. Sudhish Kasaba Ramesh admitted to deleting 456 virtual machines that affected 16,000 WebEx accounts for weeks, according to the Justice Department.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted. The FBI has accused a Russian national of attempting to recruit an insider to install malware to steal data, which criminals hoped to ransom for $4 million.
He'd worked at NASA, Visa and Time Warner and stepped in at Home Depot after it was hacked in 2014. But nothing quite prepared Jamil Farshchi for the spotlight he'd face when he took over as CISO at Equifax after its massive 2017 data breach. He discusses how the Equifax security organization has rebounded.
The New Zealand Stock Exchange resumed trading in the early afternoon on Friday after the impacts of distributed denial-of-service disruptions reverberated into a fourth day. The hobbling of the exchange's trading has demonstrated that DDoS attacks remain an unpredictable threat.
Cybersecurity professionals expect a spike in ransomware attacks against school districts and universities this fall as new hybrid learning environments go online and unpatched equipment that has spent months in the homes of students and faculty is reconnected to school networks.
Patient identifiers embedded in medical images used for online presentations are at risk of inadvertent discovery by advanced web-crawling technologies in search engines, three radiology associations warn.
A hack-for-hire campaign targeting an "international architectural and video production company" serving high-end real estate ventures likely involved corporate espionage driven by a developer eager for insider data, according to an analysis from security firm Bitdefender.
Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through. On average, about a quarter of all successful ransomware attacks feature a gang claiming to have first stolen data. But in recent months, the number of gangs actually doing so has surged.
An advertising software development kit called Mintegral that's embedded in 1,200 iOS apps misattributes ad clicks and logs potentially sensitive app data, security firm Snyk alleges. But Apple says there's no evidence the SDK is harming users.