As if the internet of things didn't seem secure enough, now we have to worry about apps on our smartphones posing a risk too. At Black Hat Europe, researchers from Invincea Labs demonstrated zero-day flaws in Belkin's WeMo home-automation device firmware as well the WeMo Android app, which have been patched.
How did the FBI likely approach its examination of the computer of Hillary Clinton's close aide Huma Abedin to determine if it contained classified materials? Forensic expert Rob Lee explains just how such an examination occurs.
The Domain Name System is crucial to the functioning of the internet, but largely taken for granted - until it breaks. In an audio interview, Cricket Liu of Infoblox discusses how DNS providers must improve security.
Will the advent of faster payments in the U.S. open new doors for fraud? Business continuity and security are priorities for the Federal Reserve, says Marianne Crowe of the Boston Fed. But independent consultant Richard Party begs the question: Is the U.S. really ready?
What are the critical elements of developing a "wartime" mindset to deal with serious cyber threats facing the healthcare sector? Find out how presenters and attendees answered this question at ISMG's Healthcare Security Summit.
DDoS attacks apparently were directed at the small west African country of Liberia from the same botnet that struck networking services provider Dyn. Were the attacks just a test for a bigger attack to come?
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
Microsoft says a zero-day flaw in Windows that was publicly revealed by Google - before a patch was ready - was being exploited by the Russian hacking group known as ATP28 and "Fancy Bear" via spear-phishing attacks.
As investigations into the distributed denial-of-service attack on Singaporean ISP StarHub continue, experts believe that the scale of IoT infections - needed to launch attacks of such severity - and the circumstances perpetuating it are the bigger problems.
A potentially explosive story suggests that there were secret communications between Russia and U.S. presidential candidate Donald Trump's business. But computer security experts have dismissed the report, saying it's based on a flawed interpretation of technical information.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.
The latest ISMG Security Report kicks off with a bit of history: Comparing the similarities between remediating the year 2000 data problem, known as Y2K, that enterprises faced at the end of the 20th century with today's initiatives to drive IT security by modernizing information systems.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.