Encouraged by the moves of medical device manufacturers, Jennings Aske, CISO of NY Presbyterian Hospital, says the "state of the union" of medical device security has improved dramatically. But what more is needed to mitigate risks?
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
Together with President Donald Trump and the EU Copyright Directive, the U.K's Internet Services Providers' Association has nominated Mozilla as one of its three nominees for "internet villain" of the year. Its purported crime has been to advance a more secure version of the domain name system.
Healthcare information is a prime target for malicious attackers because it has a high value on the black market, says Amanda Rogerson of Duo Security, who calls for adoption of a "zero trust" model to boost security.
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.
Biometrics may be in fashion, but it's in part because users are ready, willing and able to use it to prove their identity, thanks to Apple, Samsung, Google and other players providing trustable hardware for verifying people's fingerprints and faces, says IBM Security's Neil Warburton.
A distributed denial-of-service attacker who crashed a popular gaming service at Christmas has been sentenced to serve 27 months in prison. Austin Thompson has also been ordered to pay $95,000 in damages to Daybreak Games.
Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices. "Smart home" vendor Zipato says it's fixed the flaws.
A recent $3 million bank heist in Bangladesh is likely the handiwork of "Silence," a Russian-speaking gang known for its slow and methodical attacks against banks and ATMs, according to an analysis by security firm Group-IB.
The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks. Some researchers say the exploits could be tied to an Iranian-backed threat group.
Semiconductor manufacturing giant Broadcom is looking to purchase endpoint security firm Symantec, Bloomberg reports, noting that while discussions are at an advanced stage, no terms have been disclosed and no deal is guaranteed.
D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.
Reducing risk is a tall order, but IBM's Christopher Bontempo says healthcare security leaders can get immediate and measurable results by concentrating on two aspects: data security and incident response.
Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims. In the latest incident, Facebook removed more than 30 pages from its platform after security analysts with Check Point Research found that a hacker had loaded them with malware.
Sophos is the latest security firm to create a proof-of-concept exploit for the BlueKeep vulnerability in older versions of Windows. The company echoed several government agencies that have urged businesses to patch their devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.