A British parliamentary committee investigating whether the social media behemoth was being used to manipulate the results of elections published 250 pages of internal Facebook documents earlier Wednesday. They show executives holding discussions about big companies such as Netflix being granted preferential access to user data even after Facebook had tightened its privacy rules in…

Without a ransomware recovery strategy, companies sometimes end up paying to retrieve their data after an attack. At the same time, threat actors are growing more sophisticated in their ability to bypass both antivirus and anti-ransomware tools — thus, they’re also growing bolder. To stay ahead of the curve, organizations will need to develop more…

LabCorp, a company that provides “diagnostic, drug development and technology-enabled solutions for more than 115 million patient encounters per year,” serves hundreds of thousands of customers nationwide and processes tests on more than 2.5 million patient specimens per week. With revenues that topped $10 billion last year, the health company operates a network of more…

Facebook acknowledged Tuesday it was facing multiple inquiries from US and British regulators about the major Cambridge Analytica user data scandal. The leading social network offered no details but its admission confirmed reports of a widening investigation into the misuse of private data by Facebook and its partners. “We are cooperating with officials in the…

GitHub has instructed some users to reset their passwords after a bug caused internal logs to record passwords in plain text. Several users posted screenshots on Twitter of the security-related email they received from GitHub on Tuesday. The company told impacted customers that the incident was discovered during a regular audit. GitHub claims only a “small number”…

If you do incident response work, you know it doesn’t matter whether you work for a large corporation or a small organization — an incident can strike at any given time. Unfortunately, there are often huge time lapses between when an incident occurs, when it is detected and when the security team can address it….

Data breaches, phishing attacks, information disclosure – the Internet can be a scary place. Conducting a cybersecurity audit (or getting a third-party assessment) is a great way to understand your organization’s cybersecurity posture. But, like preparing any exam or review, getting ready for a cybersecurity audit can be intimidating. While every security assessment will be…

While some organizations have spent decades fine-tuning their ability to respond to and manage cyber risks, far too many are still playing games with their security strategy. From a cybersecurity perspective, 2017 will go down as a record year for data breaches. The Identity Theft Resource Center (ITRC) reported 1,579 breaches, up 45 percent from 2016. By…