Data security breaches
- August 29, 2019
The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations.
- August 05, 2019
Infosec pros warn of server-side request forgery vulnerabilities in AWS following the Capital One data breach, which may have revealed an issue regarding the AWS metadata service.
- August 02, 2019
History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.
- July 30, 2019
The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.
- July 30, 2019
Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.
- July 24, 2019
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.
- July 22, 2019
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers.
- July 16, 2019
Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note.
- March 25, 2019
FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls.
- January 29, 2019
A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet.
- January 10, 2019
This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.
- January 08, 2019
Marriott's data breach affected fewer customers than the hotel giant originally estimated, but the breach exposed millions of unencrypted passport numbers.
- January 04, 2019
News roundup: Data Resolution claimed the Ryuk ransomware attack on its systems originated from North Korea. Plus, the EU is set to launch 14 open source bug bounties, and more.
- December 19, 2018
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.
- December 17, 2018
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...