Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.
Dow Jones is blaming user error for an Amazon Web Services S3 bucket misconfiguration that exposed data on about 2.2 million customers. In recent months, Verizon, WWE, Scottrade and a data analytics firm aligned with the Republican Party have been similarly caught out.
An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Avanti Markets is warning 1.6 million users of its self-service kiosk vending machines that malware-wielding hackers infected about 1,900 of its machines and stole names and payment card data, but not biometric information. Point-of-sale malware called Poseidon appears to be involved.
Analytics can play a critical role in cracking down on identity fraud, says Shaked Vax, Trusteer products strategist at IBM Security, who explains how to use the latest tools to identify network intruders.
The fraudster who is selling Australian Medicare numbers has clocked one more sale over the past day as the government and federal police try to figure out how its systems were illegally accessed.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
By lowering the price of Windows, could Microsoft help stop the spread of mass ransomware worms? India seems to think so. But fresher versions of Windows won't be a cure-all.
As the count of NotPetya victims grows, Ukraine warns that it's also being targeted with a new WannaCry lookalike that hit state power distributor Ukrenergo. Security researchers say that marks the fourth recent campaign targeting Ukraine that's based on lookalike ransomware.
Only about half of medical device manufacturers say they follow FDA guidance for addressing cybersecurity risks, says security expert Mike Ahmadi. What about healthcare providers?
A watchdog agency's annual security review of the Department of Veterans Affairs, the nation's largest healthcare provider, makes 33 recommendations for how the VA can address a variety of continuing vulnerabilities, but only three of them are new. What are the latest concerns?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.