An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices. The program, slated to start in September, could expand globally.
Several Nigerian nationals have been indicted for their alleged involvement in business email compromise campaigns from 2015 to 2017 that targeted U.S. businesses.
Measuring and communicating the value of a cybersecurity program is more important than ever. Colin O'Connor, COO of ReliaQuest, previews the topic for an upcoming virtual roundtable.
How do the recently identified "Ripple20" TCP/IP code flaws potentially impact medical devices? And what steps can healthcare organizations take to help mitigate the risks? Elad Luz of the security research firm CyberMDX, which helped study the vulnerabilities, offers an analysis.
Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of internet-connected devices has 19 flaws that need fixing. Developer Treck has issued fixes, but how many vulnerable devices will end up patched?
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
Since the advent of the COVID-19 crisis, many enterprises have moved new workloads to the cloud. But have they been just as swift to adopt cybersecurity best practices in these multi-cloud environments? IBM's Limor Kessem analyzes a new cloud security study.
As a result of shift to a remote workforce, network segmentation is an even more critical step for safeguarding information, says Tom Dolan of Forescout Technologies, who discusses how deployments can also help with meeting regulatory requirements.
An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
The Trump administration's continued press against China snared an unintended victim: America's own influence over 5G standards development. But the U.S. Commerce Department says a new rule will free U.S. firms to work with any company, including China's Huawei, on developing new telecommunications standards.
A new research paper describes a side-channel attack technique that could enable hackers to eavesdrop on a conversation by tracking vibrations in a hanging ligh bulb.
Increasingly, organizations are turning to encryption to help solve multiple security issues, whether it's protecting data, managing risk or meeting government regulations. While managing all these encryption keys can be complex, Brad Beutlich of nCiper Security doesn't believe it has to be this way.
Why do so many enterprises remain chained to outdated and vulnerable identity and access management technologies - legacy systems that rely on passwords, eat budgets and kill productivity? Baber Amin of Ping Identity and Ramnath Krishnamurthi of LikeMinds Consulting preview a new virtual roundtable on Modernizing IAM.
Two recently reported health data breaches illustrate persistent security challenges - defending against ransomware attacks as well as unauthorized access to email - that sometimes can expose years' worth of data.
Temperatures (and tempers) are rising, and nations and states alike are starting to relax their COVID-19 restrictions. But pandemic expert Regina Phelps says it's too early to be celebrating victory and reopening offices because the first wave of the virus has yet to end.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.