After years of focus, the needle is moving positively toward improving medical device security. But what about the growing cybersecurity issues associated with enterprise IoT? Mac McMillan of CynergisTek shares his concerns.
Organizations are increasingly incorporating open source code elements into their software development to accommodate agile development methodologies and swift go-to-market requirements, but not many are addressing the security concerns that follow, says CA Veracode CTO Chris Wysopal.
Email is still the most common attack vector as a preferred method utilized by attackers because of the overwhelming effectiveness. Phishing attacks have only been increasing and evolving to bypass modern security appliances, endpoint protection, and user awareness training.
Al Pascual of Javelin Strategy and Research discusses a new report that shows that while crypto wallets may be considered to be at the sharp end of payments innovation, the security vulnerabilities they face are much the same as those that already exist in digital banking and payments.
The U.K.'s National Cyber Security Center and Australian Cyber Security Center are using the "Have I Been Pwned" breach-monitoring service to centrally monitor for email addresses registered to government domains that appear in data breaches.
As internet of things devices become increasingly common in the enterprise, CISOs must lead the way in making sure emerging security issues, including a higher risk of distributed denial-of-service attacks, are adequately addressed, says John Pescatore of the SANS Institute, which offers training for CISOs and others.
With the explosive growth of the internet of things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks, who offers a strategy.
An attacker who gains physical access to a corporate PC with an Intel chip could exploit the built-in Active Management Technology to backdoor the system in about 30 seconds, unless default AMT credentials have been changed, Finnish security firm F-Secure warns.
Fresh research into mobile apps designed to control ICS systems from afar has unearthed unnerving findings. More than 20 percent of mobile ICS apps have issues that could allow an attacker to influence an industrial system.
One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S. Federal Trade Commission. It's a warning that internet of things security shortcomings - especially involving children's personal data - will have business consequences.
Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
Internet of things security alert: An attacker has been attempting to infect hundreds of thousands of Huawei home routers with a variant of the notorious Mirai malware called Satori, security researchers warn. Huawei has confirmed the flaw and issued patches and workarounds for affected users.
The U.S. Food and Drug Administration issued cybersecurity expectations for manufacturers of medical devices. But ow are those expectations being met, and what is the FDA's ongoing role in improving device security? The FDA's Suzanne Schwartz offers an update.