A recently uncovered vulnerability in a class of Amazon Web Service APIs can be exploited to leak AWS identity and access management user and arbitrary accounts, according to Palo Alto Networks' Unit 42.
U.K. Prime Minister Boris Johnson announced Thursday the creation of a National Cyber Force designed to strengthen Britain's cybersecurity posture and give the country new defensive and offensive capabilities. Some security experts, however, are raising concerns about recruiting enough qualified staff members.
View this webinar, as we explore these topics and many more to outline how these architectures and aspirations lay the groundwork for a better user experience, increased reliability of your services, as well as increased security for all your web-facing business functions.
This edition of the ISMG Security Report features a discussion with Christopher Krebs, the recently fired director of the Cybersecurity Infrastructure Security Agency, on his accomplishments at the agency. Also featured are updates on ransomware gangs recruiting affiliates and healthcare supply chain risks.
"Has anyone witnessed any examples of criminals abusing artificial intelligence?" That's a question security firms have been raising. A new report has identified likely ways in which such attacks might occur and offers examples of threats already emerging
The U.S. Senate on Tuesday unanimously passed federal IoT security legislation that will require the government to only procure devices that meet minimum cybersecurity requirements. The bill now moves to President Donald Trump's desk.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
Medical device maker Becton Dickinson and federal authorities have issued alerts concerning an authentication weakness that, if exploited, could result in a denial-of-service attack on certain models of the BD Alaris PC Unit drug infusion and monitoring system.
NOYB, a privacy group run by Austrian Max Schrems, has filed complaints against Apple with Spanish and German data protection regulators alleging the company's Identifier for Advertisers breaks EU privacy laws by allowing Apple and all apps on the iPhone to track a user without consent.
Blockchain technology has been floated as a solution to enable remote, electronic voting. But MIT researchers say today's paper-based systems, while imperfect, are still the most reliable way to prove to voters that their selections have been accurately cast and tallied.
IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.
Distributed denial-of-service attacks have not garnered much attention this year. But analysts say such attacks could surge, and they have the potential to be just as damaging as ransomware and other types of cyberthreats.