A new dump from WikiLeaks has revealed an apparent CIA project - code named "CherryBlossom" - that since 2007 has used customized, Linux-based firmware covertly installed on business and home routers to monitor internet traffic and exploit targets' devices.
GDPR is in effect, and in one year, regulators will start to assess penalties against enterprises not in conformance with the regulation. How prepared are entities? Will it take a high-profile penalty to get the world's attention? Michael Hack of Ipswitch weighs in.
Cybercriminals and nation-state threat actors are beginning to act alike - and that's bad news for cybersecurity leaders and their enterprises, says Eward Driehuis of SecureLink. Here are the trends to track.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Former U.S. CISO Gregory Touhill says the federal government must rethink how it hardens its workforce to prevent cyberattackers from succeeding. Organizations, he says, should regularly conduct cybersecurity exercises to help build their cyber defense.
The CEO of the company that crippled WannaCry's ransomware component explains to Congress how the worm continues to attack unpatched systems at increasing rates. Also, creating a healthcare cybersecurity framework.
Despite the efficiencies of cloud services, security remains a significant barrier of entry for many organizations. Mark Urban of Symantec offers advice to help security leaders navigate past cloud complexity and chaos.
Good news: The Neutrino exploit kit - once a major exploit kit player - appears to have disappeared from the cybercrime scene. While it's unclear if Neutrino is gone for good, rivals have already filled any gaps in the market.
Russian hackers struck election systems in almost twice as many states as previously reported, according to a news report. The breaches could undermine confidence in the election process, one cybersecurity expert warns.
Two security firms have investigated what they describe as a malware platform for attacking the industrial control systems that run electricity plants. They warn that the platform was the likely culprit behind the December blackouts in Ukraine.
Banks that collectively own SWIFT saw their profits vanish last year as the organization increased its investments in information security, even as the interbank messaging service handled record volumes of money-moving messages.
Marissa Mayer bids adieu to Yahoo as Verizon completes its acquisition of the company for $4.48 billion - a $350 million discount gained after the search giant last year revealed that it had suffered two massive data breaches.
A report on security flaws found in mainframe computers leads the latest edition of the ISMG Security Report. Also, the tale of how a hacker launched his career; insights on new EU data protection regulations.
New details have emerged relating to the 2015 hack attack against French broadcaster TV5Monde, which resulted in multiple television channels going dark as well as social media channels run by the broadcaster being hijacked and used to spew purported jihadist propaganda.
To encourage individuals to improve their security practices, begin by not blaming them. That was one takeaway from security experts at the Infosecurity Europe conference, who offered practical tips for changing user behavior and creating a culture of security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.