A new methodology for assessing whether a medical device cybersecurity issue is likely to pose a danger to patients should be available later this year, says cybersecurity researcher Billy Rios in this in-depth interview.
All users of the OpenSSL crypto library should upgrade immediately to fix a serious flaw attackers could exploit to decrypt Web traffic, as well as for a fresh Logjam fix, security experts advise.
When is a breach not a breach? When you can prove that sensitive data has not been accessed - even off a lost or stolen device. And the way to ensure that, says former prosecutor Stephen Treglia, is through Absolute Data & Device Security.
Congressman Will Hurd has a simple request for U.S. government agencies: Have you been using vulnerable Juniper Networks devices? But Congress needs to consider tougher questions about its culpability in this backdoor debacle.
Because cybercriminals are targeting the healthcare sector, organizations must regularly assess the security risks in all their applications, not just those containing protected health information, says risk management expert Angel Hoffman.
Cybercriminals are in mourning after the shocking announcement from Oracle that it will deep-six its beloved Java Web browser plug-in technology, owing to browser makers failing to support "standards based" plug-ins.
Bipartisan legislation before Congress, if enacted, could put pressure on publicly traded companies to add cybersecurity expertise to their boards of directors.
Israel has reportedly foiled a "severe cyberattack" launched against the Israeli Electricity Authority. The malware attack doesn't appear to have resulted in any disruption to the country's power grid, but many government systems remain offline.
A successful startup is fueled by passion, speed and innovation - all enabled by technology. Not securing this technology layer from day one can therefore have expensive consequences later. IEEE's Diogo Mónica shares security insight for startups.
Cyber-extortion attacks, especially those involving DDoS gangs that threaten disruptions unless the targeted organization pays a bitcoin ransom, are on the rise. Experts describe how organizations should respond to - and resist - these attacks.
How many networking vendors - like Juniper - have been selling devices with backdoors attackers could use to intercept and decrypt communications? Some networking giants say they've launched code reviews. But why are eight vendors staying silent?
The Obama administration's initiative to move much of the U.S. federal government's security clearance responsibilities to the Defense Department from the Office of Personnel Management is receiving mixed reviews from security experts and lawmakers.
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Why is devising a reliable patient identifier such a critical issue? Because matching a patient to the wrong records creates serious safety risks as well as privacy problems, says CIO Marc Probst, who explains in an interview how he's tackling the issue at Intermountain Healthcare.
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.