News
Data security breaches
- January 29, 2019
29 Jan'19
Insecure MongoDB databases expose Russian backdoor access
A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet.
- January 10, 2019
10 Jan'19
Risk & Repeat: What APT10 means for managed service providers
This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.
- January 08, 2019
08 Jan'19
Marriott data breach exposed 5 million unencrypted passport numbers
Marriott's data breach affected fewer customers than the hotel giant originally estimated, but the breach exposed millions of unencrypted passport numbers.
-
- January 04, 2019
04 Jan'19
Cloud provider blames Ryuk ransomware for Christmas Eve attack
News roundup: Data Resolution claimed the Ryuk ransomware attack on its systems originated from North Korea. Plus, the EU is set to launch 14 open source bug bounties, and more.
- December 19, 2018
19 Dec'18
Risk & Repeat: Lessons from the Equifax breach report
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.
- December 17, 2018
17 Dec'18
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...
- November 30, 2018
30 Nov'18
Marriott discloses Starwood data breach affecting 500 million guests
Marriott International admitted to a Starwood data breach that began in 2014 and affects about 500 million customers. Experts are unsure about the GDPR implications.
- November 30, 2018
30 Nov'18
Ponemon study shows data valuation discrepancies in enterprises
A new study from the Ponemon Institute shows enterprises are underestimating the value of their data, including critical and confidential information assets.
- November 29, 2018
29 Nov'18
Breaking down Dell's "potential cybersecurity incident" announcement
Dell provided some information about a "potential cybersecurity incident" earlier this month, but it's unclear how the company and customers should be reacting.
- November 27, 2018
27 Nov'18
USPS website flaw exposed data for one year
The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago.
-
- November 20, 2018
20 Nov'18
Recorded Future names Tessa88 suspect in LinkedIn, Myspace breaches
Researchers at Recorded Future identified the individual behind the notorious Tessa88 hacker handle, but it's unclear what role he played in the LinkedIn and Myspace breaches.
- November 16, 2018
16 Nov'18
After 2015 OPM data breach, agency failed to update security
News roundup: Three years after the OPM data breach, the agency still hasn't implemented basic security. Plus, seven new Meltdown, Spectre attacks were uncovered, and more.
- October 26, 2018
26 Oct'18
Settlement in Yahoo data breach leaves company to pay $50M
News roundup: The Yahoo data breach will cost the company another $50 million in a settlement deal. Plus, Check Point acquired cloud security company Dome9, and more.
- October 25, 2018
25 Oct'18
Risk & Repeat: Facebook breach raises regulatory questions
This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident.
- October 19, 2018
19 Oct'18
Facebook hack the work of spammers, not foreign adversary
News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more.