Security News

American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines' pilot applications and recruitment portals. According to breach notifications filed on Friday with Maine's Office of the Attorney General, American Airlines said the data breach affected 5745 pilots and applicants, while Southwest reported a total of 3009.

Verizon Business today released the results of its 16th annual Data Breach Investigations Report, which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware - malicious software that encrypts an organization's data and extorts large sums of money to restore access.

API calls make up the majority of our digital lives. Take, for example, the everyday use of a cloud-based food delivery app, which could involve up to 25 API calls.

Japan's minister for digital transformation and digital reform, Tono Karo, has apologized after a government app breached citizens' privacy. Fujitsu Japan developed and operates the service, which preps PDF files in response to user requests and then despatches them to printers in convenience stores.

Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. To better understand the perspective of threat hunters who are in the trenches defending their organizations every day, Team Cymru surveyed 218 experienced security analysts to learn what works and what doesn't in their threat hunting program, how they measure success, and the biggest challenges they face.

Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in extending security coverage across multiple environments and dealing with an ongoing skills shortage, according to Bitdefender. "The results of this survey demonstrate, more than ever, the importance of layered security that delivers advanced threat prevention, detection and response across the entire business while improving efficiencies that allow security teams to do more with less," said Andrei Florescu, deputy GM and SVP of products at Bitdefender Business Solutions Group.

For SlashNext's The Mobile BYOD Intelligence Report, the company surveyed 300 individuals about the use of personal devices for work, how employers balance security and employee privacy with the popularity of Bring Your Own Device, and the resulting gaps in cybersecurity. Right off the bat, the survey found that the use of personal devices for work has been increasing.

Even though your company may not have suffered a direct breach, your data may already be on the Dark Web. Breaches end up being marketed by hackers with data descriptions and auction demands, often in Bitcoin.

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary.

The impact a data breach can have on individuals can be devasting; getting back to something that vaguely resembles normality is very challenging. There are obviously huge differences between individuals and organizations regarding security.