NIST has issued long-awaited guidance on how to approach IT security as an engineering discipline. It's designed to help organizations build secure, trustworthy systems that meet evolving challenges, including the growth of the internet of things.
It's been a hot topic for years, but we are still only in the earliest stages of ensuring medical device security, according to expert Kevin Fu of Virta Laboratories. In this video interview, Fu discusses how this focus will evolve in 2017.
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
The malware-infected IoT army that disrupted domain name server provider Dyn was composed of, at most, 100,000 devices, the company estimates in an after-action report. But claims that the attacks peaked at 1.2 Tbps remain unconfirmed.
Chinese manufacturer Xiongmai will recall up to 10,000 webcams in the wake of the IoT-powered DDoS attacks that pummeled DNS provider Dyn. But information security experts say that only a more resilient internet will blunt future attacks.
A checkbox approach to security, focusing on narrow compliance issues, does little to help ensure patient data remains secure. Healthcare organizations must create a practical action plan to accomplish many goals, such as ensuring endpoints are secure, minimizing the risk of breaches, and reducing stakeholder...
Apple's security defenses have improved dramatically in recent years, but poorly written drivers in third-party applications could provide key access to critical parts of macOS.
Este caso de negócios da VMware destina-se aos executivos de negócios e de TI, profissionais de operações de TI, infraestrutura de TI e segurança de TI. Você vai aprender como as principais empresas estão alcançando um valor sem precedentes de virtualização de redes e segurança para seus data centers...
Muchas organizaciones implementan la virtualización de aplicaciones y escritorios para mejorar la seguridad de la computación del cliente y brindar una mayor movilidad empresarial. La centralización de escritorios y aplicaciones protege los datos estáticos, previene el acceso no autorizado a aplicaciones y brinda...
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
The title of the new book is Understanding Social Engineering Based Schemes. And its mission is three-fold, Jakobsson says. He wants to profile today's most common schemes, forecast some future trends, and help organizations build effective countermeasures.
In an interview about the contents of his new book,...
Investment firm Muddy Waters Capital and security research start-up MedSec Holdings are again stirring up controversy, this time by releasing a video spotlighting more alleged cybersecurity flaws in St. Jude Medical cardiac devices.
When it comes to describing the top fraud threats to UK financial institutions, it's all about compromised identities and credentials, says John Marsden of Equifax. How can organisations prove their customers are who they say they are?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
