Attackers - likely operating from China - have been surreptitiously hacking into global telecommunications providers' networks to quietly steal metadata and track subscribers - and those with whom they communicate - as part of an ongoing cyber espionage operation, warns security firm Cybereason.
WhatsApp, the messaging service owned by Facebook, says it's ready to launch its digital payment services, WhatsApp Pay, in India following its beta test. But the Supreme Court says WhatsApp first must comply with RBI's data localization requirements.
Bad news for anyone who might have hoped that the data breach problem was getting better. "Anecdotally, it just feels like we're seeing a massive increase recently," says Troy Hunt, the creator of the free "Have I Been Pwned?" breach-notification service. Unfortunately, he says, the problem is likely to worsen.
Third-party risk has emerged as one of 2019's top security challenges, and the topic was the focus of a recent roundtable dinner in Charlotte. RSA's Patrick Potter attended that dinner and shares insight on how security leaders are approaching this aspect of digital risk management.
Data in non-production environments represents a significant percentage of total enterprise data volume. Non-production environments also carry more risk than production environments because there are more direct users, says Ilker Taskaya of Delphix, who discusses how organizations can reduce that risk.
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome. The kids have turned their profiles from personal ones to business ones, which Instagram mandates must have contact details. But is that appropriate for a child?
Britain's biggest businesses continue to inappropriately expose servers and services to the internet, putting the organizations and data at risk, according to a study by Rapid7. Tod Beardsley describes the findings, including a widespread lack of phishing defenses as well as cloud misconfigurations.
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Cybersecurity is a priority for the second term of Prime Minister Narendra Modi. As he completed his cabinet ministry appointments, he instructed the ministers to take up initiatives that can help build a cyber-resilient nation.
A security researcher found an unsecured database belonging to the Shanghai Jiao Tong University in China that contained 8.4 TB of email metadata. While it's not clear if anyone accessed the data, an attacker could have seen all email being sent or received by a specific person.
The latest edition of the ISMG Security Report describes Apple's newly announced single sign-on function that's built with privacy in mind. Plus, a discussion of the "other" insider threat and an Infosecurity Europe conference recap.
Under India's pending data protection bill, a data fiduciary would need to ensure that data is used only for the purpose for which it was collected, Justice (retired) B.N. Srikrishna, chairman of India's Data Protection Committee, explains in this exclusive video interview.
A third medical lab test firm - BioReference Laboratories - has acknowledged that it's a victim of the data breach at American Medical Collection Agency, which may have exposed data on more than 20 million patients. Meanwhile, at least four state attorneys general are now investigating the breach.
One year after the EU's General Data Protection Regulation went into full effect, data protection experts gathered at the European Data Protection Summit in London to review the state of privacy - not just in the U.K. and Europe but across the world. Here are eight takeaways.