Cryptojackers and eavesdroppers are continuing to exploit a one-time zero-day flaw in unpatched MikroTik routers, despite a patch that's been available for six months as well as the actions of a vigilante "gray hat" hacker who's forcibly "fixed" 100,000 vulnerable routers.
With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
Cryptojacking - the hidden mining of virtual currencies - continues to be a focus for online attackers. As the detection of cryptocurrency mining malware continues to rise, Europol warns that cryptojacking will remain "a regular, low-risk revenue stream for cybercriminals."
Millions of internet-of-things devices made by the Chinese company Xiongmai and sold in stores such as Home Depot and Wal-Mart still have glaring security problems, a security consultancy warns. The findings come two years after the Mirai botnet targeted Xiongmai devices.
A decade ago sandboxing (dynamic analysis) was introduced as the first automated way to understand the actions of potential malware. Now widely deployed, it offers real value in understanding and identifying unknown malware.
However, there are limitations; it is unable to keep up with the large volume of malware...
The lack of visibility into and understanding of the millions of objects that move into an organization's network means threat hunters cannot adequately identify undetected malware they are hunting for.
Local Threat Intelligence combined with advanced malware hunting tools gives threat hunters a precise way to hunt...
Emerging ransomware and 0-day exploits infect all kinds of systems with ease, while many attackers use no malware at all to accomplish their malicious goals.
Download this eBook and learn what's working from 7 leading security experts and how they've influenced their organization to make the necessary changes to...
What is new in endpoint security? To find out, we drilled into the question of endpoint security with 32 experts to discuss these aspects of endpoint security:
Keys to shutting down attacks
Rethinking your network strategy
Justifying the value of endpoint security
Moving to a cloud-based next-generation platform...
The healthcare sector needs to continue upping its ante in cybersecurity to prevent potentially catastrophic "doomsday" events that could devastate regional healthcare systems, says Erik Decker, CISO of the University of Chicago Medicine. He's helping draft a guide to mitigating five key cyber threats.
Did the Chinese government pull off one of the most secretive hardware hacks of all time? That's what information security experts are pondering after a Bloomberg report described an espionage operation that purportedly planted a tiny spying chip on widely distributed server motherboards.
The latest edition of the ISMG Security Report features an analysis of the latest developments in Facebook's massive data breach and expert analysis of the potential for nation-state interference in the U.S. midterm elections.
Suzanne Spaulding, former undersecretary for the Department of Homeland Security, says a key way to ensure public confidence in the security of U.S. elections is to rely on paper ballots for voting or as backups for electronic balloting.
As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.
Endpoint management, while broad from a technology standpoint, is moving in a definitive direction - the ability to centrally discover, provision, deploy, update, and troubleshoot endpoint devices within
an organization. The proliferation of laptops, desktops, and more will propel the worldwide market for