Threat actors are holding 1.2 million sensitive files belonging to Mexican bookseller Librería Porrúa for ransom. On July 15, a security researcher discovered the records in an unprotected MongoDB database. Three days later, threat actors also stumbled upon the unsecured server and proceeded to replace all records in it with

Organizations in the Financial Services Industry (FSI) are doing a rather poor job at preventing cyberattacks, new research by Synopsys shows. The majority of FSI organizations have suffered a cyberattack that caused system failure and downtime (56%) or have had threat actors steal sensitive customer data (51%). Ransomware infections or

Two in three firms are implementing Security-as-a-Service (SECaaS), or plan to do so in the next 12 months, a new Thycotic study shows. It projects that by 2021, SECaaS will have been adopted by over 70% of organizations. SECaaS can involve the use of security software provided by third-party firms,

On Friday, the Intermediate-Range Nuclear Forces (INF) Treaty that played a key role in ending the Cold War nuclear arms race between the United States and the Soviet Union, officially became defunct. The INF Treaty collapsed in February when the US government announced that it will pull out of the agreement, a

Privacy advocates are accusing Microsoft of investing in surveillance technology that is used to spy on people whose human rights are being trampled upon by authorities. In particular, activists criticize the tech giant’s funding of AnyVision, an Israeli facial recognition firm that provides technology used to carry out surveillance on

On Friday, North Korea carried out its third missile test in eight days. South Korean officials stated that the missiles were likely a new kind of short range ballistic missile just like the type used in the previous launches. Experts believe that Pyongyang is carrying out the tests as a

Bugcrowd has released a new study on the current state of crowdsourced security. The report cites a 92% surge in the total number of vulnerabilities that were reported by bug bounty researchers last year, compared to the previous report. Researchers are not only finding more flaws, but they are also

A new report by the Chartered Institute of Information Security points to a lack of resources (45%), a lack of experience (37%), and skills gaps (31%) as the three biggest problems that cybersecurity professionals are currently facing. The estimated global shortage of qualified security pros is estimated to approach three

A new Deloitte survey among IT security professionals found that almost half (48%) of them recognize the importance of embedding DevSecOps throughout the life cycle of Internet-of-things (IoT) development and of cooperating with legal, procurement, and compliance across deployments. About the same number of respondents (51%) expressed mild confidence in

The PCI Security Standards Council and Retail and Hospitality ISAC have issued a joint bulletin to warn about the rise of online skimming attacks like Magecart campaigns. Magecart is an umbrella term for various criminal groups that attack web shops with the aim of injecting them with card skimming malware.