Federal regulators and medical device maker Medtronic have issued new warnings about cybersecurity vulnerabilities in certain cardiac devices from the manufacturer that could potentially allow attackers to manipulate the products' functionality, posing safety risks to patients.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
Mirai, the powerful malware that unleashed unprecedented distributed denial-of-service attacks in 2016, has never gone away. And now a new version has been equipped with fresh exploits that suggest its operators want to harness the network bandwidth offered by big businesses.
Is your security team blind to the activities in more than half of its IT assets? That was just one of the findings in a new report from 451 Research, based on in-depth interviews with security leaders across 150 large enterprises and focused on the challenges facing their teams. On average, the report found SIEMs...
Getting a telemetry stream back from applications can help organizations to "adjust much more quickly to see how practical attacks are happening on the endpoint and then go to mitigate," says Aaron Lint of Arxan.
Backers in the U.S. Congress are hoping that the third time is the charm for an internet of things cybersecurity bill that would set minimum security standards for the connected devices that the federal government purchases for various projects.
Criminals wielding a new strain of ransomware called Cr1ptT0r are targeting network-attached storage users. The campaign was first discovered in February after owners of D-Link network storage enclosures reported that their devices were being crypto-locked.
The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
Few internet-connected devices are built to be secure by default, and the problem is getting worse because many devices are connecting to poorly secured cloud services, says Ken Munro of Pen Test Partners.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
When examining a data-driven future, embracing new developments around artificial intelligence (AI) and machine learning (ML), IT operations, security and IoT is key. The goal: to generate positive outcomes from your data.
Pulling together insights from thousands of customer and our dedicated research teams, our...
Do you have a plan for cybersecurity? Digital technology is touching every aspect of our lives, which is giving bad actors unlimited runway to create new threats daily. It's this atmosphere that makes it imperative that organizations are prepared, informed and actively hunting for adversaries.
But do you know where...