The Department of Homeland Security has issued an alert warning about cyber vulnerabilities in certain Siemens medical imaging products running Windows 7 that could allow hackers to "remotely execute arbitrary code." How serious are the risks?
The latest edition of the ISMG Security Report leads with a report on the charges brought against Marcus Hutchins, the "accidental hero" who stopped the WannaCry malware outbreak. Also featured: reports on advances in attribution and new legislation to secure vulnerable medical devices.
The front line to battle Russian hackers is shifting to American courts, according to the lead story in the latest edition of the ISMG Security Report. Also, malware targets Apple's operating system and a preview of the ISMG Fraud and Breach Prevention Summit in New York.
It has been a fairly slow year for Mac malware. But a former NSA researcher has dug into the first Mac malware sample that was detected earlier this year - dubbed "Fruitfly" - and found at least 400 computers, and possibly more, infected with a variant of the malware.
Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either/or - that organizations need both. Here's why.
"If you've got an incident response program that's been around for years, then it's probably based on...
Traditionally in cybersecurity, technology is the central focus. Adversaries act; security controls respond. But Richard Ford of Forcepoint says it is time to change the dynamic with a shift to human-centered security.
The traditional, tech-centric approach cedes too much control to the attackers, says Ford, Chief...
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Phishing attacks are on the rise for two main reasons, according to Brooke Satti Charles, a Financial Crime Prevention Strategist with IBM Trusteer. The first is how easy they are to launch. The second is their continued profitability for attackers.
So how can enterprises make sure they are not the next...
Gartner, Inc. projects that 8.4 billion connected "things" will be in use worldwide in 2017. That is an increase of 31 percent from 2016. By 2020, that number could reach as high as 20.4 billion. The Internet of Things (IoT) is no longer just a trend. It is happening now, and will have cybersecurity effects on your...
Phishing attacks are on the rise, due in large part to how easy they are to launch and how lucrative they are for the attackers, says Brooke Satti Charles of IBM Trusteer.
"Phishing is a really easy way to perpetrate an attack," says Satti Charles, a financial crime prevention strategist. "Creating a sophisticated way to break...
Organisations of every size are experiencing a problem as their operations digitally transform. They are unable to secure mission-critical workloads on cloud-based infrastructure without increasing risk, operational friction, or introducing compliance violations.
However, creating simpler and faster user-based...
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.