Data security breaches

Get the latest information on enterprise security data breaches. Learn about data breach laws and regulations, best practices for data breach notification and response plans, the risks of exposed corporate data and personally identifiable information.

July 26, 2021 26 Jul'21
Coveware: Median ransomware payment down 40% in Q2 2021

Coveware CEO Bill Siegel said that the efficacy of using data leak threats to obtain ransomware payments has gone down because 'you don't get anything in return when you pay.'
July 21, 2021 21 Jul'21
U.K. man arrested in connection with 2020 Twitter breach

A 22-year-old U.K. resident was arrested in Spain and will face extradition on charges related to a social engineering operation that netted big-name Twitter accounts.
June 28, 2021 28 Jun'21
DarkSide ransomware funded by cybercriminal 'investors'

New ransomware gangs such as DarkSide are receiving cryptocurrency investments from their peers and are poised to make life difficult for enterprises and law enforcement alike.
June 21, 2021 21 Jun'21
Biden proposes critical infrastructure safe zones for hacking

The U.S. wants Russia to agree to make critical infrastructure targets off limits to hacking, but some infosec experts are skeptical such an agreement can be enforced.

Bring yourself up to speed with our introductory content

industrial espionage

Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage. Continue Reading
data breach

A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion. Continue Reading
information security (infosec)

Information security, often shortened to infosec, is the practice, policies and principles to protect data and other kinds of information. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Can a new DHS cybersecurity strategy help the private sector?

The U.S. Department of Homeland Security outlines federal plans to improve public and private cybersecurity, but analysts advise caution over strategies that can't be mandated. Continue Reading
Ransomware attack case study: Recovery can be painful

Even with full backups and no permanent data loss, recovering from ransomware can be expensive and painful, as evidenced in this ransomware attack case study. Continue Reading
Malware researcher speculates on the future of ransomware

Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals. Continue Reading

Learn to apply best practices and optimize your operations.

4 healthcare risk management tips for secure cloud migration

From improving the security posture and updating threat modeling to securing cloud data, learn about four risk management tips for healthcare organizations migrating to cloud. Continue Reading
How to handle social engineering penetration testing results

In the wake of conducting social engineering penetration testing, companies need to have a plan ready to prevent or minimize phishing, vishing and other attacks. Continue Reading
How to ethically conduct pen testing for social engineering

Author Joe Gray explores his interest in pen testing for social engineering, what it means to be an ethical hacker and how to get started in the career. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Explore 5 business email compromise examples to learn from

Gift cards are for gifts, never for payment. Explore real-world examples of business email compromise to learn common attack patterns and red flags. Continue Reading
How do cybercriminals steal credit card information?

Cybercriminals have several methods at their disposal to hack and exploit credit card information. Learn about these, how to prevent them and what to do when hacked. Continue Reading
5 cybersecurity lessons from the SolarWinds breach

Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading