An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
Christopher Painter, who has advocated for diplomatic engagement with cyber friends and foes alike, is leaving his post as coordinator of cyber issues at the State Department, a job he has held since early 2011.
Package-delivery giant FedEx is warning that the global outbreak of NotPetya malware will "materially impact" profits; its TNT Express international delivery service continues to experience "widespread service delays" as it struggles to restore crypto-locked systems.
What trait does a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
The plaintiffs who are suing Donald Trump's presidential campaign for conspiring with Russia and WikiLeaks over disclosing their private information stolen from Democratic Party computers could declare a moral victory even if they lose their case. Could exposing the truth be their ultimate goal?
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
Leading the latest edition of the ISMG Security Report: a report on FBI Director-Designate Christopher Wray's admission that he faces a steep cybersecurity learning curve. Also, the U.S. government restricts use of Moscow-based Kaspersky Lab Software. Is that a smart move?
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
The Trump administration has moved to restrict the U.S. government's ability to use products built by Moscow-based anti-virus firm Kaspersky Lab, which claims it's been caught up in a "political game" being played out between Washington and Moscow.
Two years after a massive breach that exposed the personal information of some 21.5 million individuals, the U.S. Office of Personnel Management continues to labor in its attempt to guarantee the security of its information systems.
The workforce of information security analysts in the United States has exceeded 100,000 for the first time, more than doubling since the Department of Labor's Bureau of Labor Statistics began publishing full-year statistics for the occupation category in 2012.