The European Council on Thursday adopted security-by-design regulation that makes patching and vulnerability updates mandatory for connected devices. The regulation will ensure that "products with digital components are made secure throughout the supply chain and throughout their life cycle."
Amy Herzog, chief information security officer for Ads and Devices at Amazon, shares how her cybersecurity team accelerates product development by integrating security from the start to secure customer data on popular consumer devices such as Ring and Alexa.
The White House is proposing new regulations on connected vehicles that would prohibit manufacturers from importing software or hardware from the People's Republic of China and Russia, citing an ever-increasing threat landscape and heightened national security risks.
A Chinese state-sponsored botnet called Raptor Train has infected more than 260,000 IoT and office network devices to target critical infrastructure globally. The hackers used zero-days and known vulnerabilities to compromise more than 20 different types of devices to expand their botnet.
Secure communications in an age of network insecurity has focused mostly on encryption and fears of surveillance tracking. But as this week revealed to the dismay of terrorists and criminals alike, no OpSec measure is bulletproof to the effects of a corrupted supply chain.
FBI Director Christopher Wray said Wednesday the bureau seized control of a Chinese-developed botnet that maintained access to thousands of compromised devices across the globe as part of an effort to launch widespread disruptive cyberattacks. The botnet is a Mirai variant.
Centralized architecture in the automotive industry streamlines cybersecurity and supply chain operations by reducing hardware components and enabling quicker fixes. But that centralization also poses major cybersecurity challenges, said Thomas Sermpinis, technical director at Auxilium Pentest Labs.
Imagine cruising down a bike path and having the gears suddenly shift without warning. Security researchers say cybercriminals could take advantage of new wireless controlled bicycle gear systems to make that happen - and cause crashes and injuries.
Thijs Alkemade, security researcher at Computest Sector 7, discusses significant vulnerabilities in electric vehicle chargers. His findings highlight how attackers can exploit these flaws to remotely execute code, posing severe risks to EV infrastructure.
Piotr Ciepiela, EMEIA cybersecurity leader at EY, discusses the challenges of securing OT systems and contrasts them with IT SOC environments. He emphasizes the need for specialized tools, dedicated personnel and strong collaboration with engineering teams to manage OT SOC operations.
Hardware security remains a critical concern for IoT and embedded devices. NCC Group's Alex Plaskett, security researcher, and Robert Herrera, senior security consultant, discuss critical vulnerabilities in Sonos devices and best practices for safeguarding hardware and software.
Aftin Ross, deputy director of the Office of Readiness and Response at FDA's Center for Devices and Radiological Health, discusses the latest medical device cybersecurity regulations, industry collaboration and manufacturers' efforts to address vulnerabilities and ensure patient safety.
Software used to manage a fifth of the world's solar electricity contained flaws enabling full access to attackers, risking grid overloads and blackouts. Solar power accounts for a sliver of overall U.S. electricity generation but will make up half of domestic electricity generation by 2050.
ISMG's Healthcare Cybersecurity Summit explored emerging trends and best practices in healthcare cybersecurity, driving conversations around securing patient data and ensuring seamless healthcare system operations amid escalating cyber incidents and technological dependencies.
The interconnectedness of medical devices, which generate data that can be distributed to multiple systems that are often managed by different policies, presents privacy concerns that device manufacturers must address, said Adam Hesse, CEO of Full Spectrum.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.