The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
While there are many solutions that claim to simplify certificate lifecycle management, not all of
them are built to address the unique complexities of today’s expansive and distributed digital
When evaluating a certificate management solution, it is important to look for
key capabilities that...
Could the internet of things be made more secure? A draft law in Britain would impose stronger cybersecurity regulations for manufacturers, importers and distributors of smartphones, TVs, toys and other "connected" digital devices, backed by the threat of fines of up to $13 million for noncompliance.
The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.
The rise of 5G for business is accompanied by anticipation, but also anxiety. Will the expanded footprint of IoT create an unwieldy attack surface? Will the latency benefits of edge computing be worth creating a potential new strike vector? Don’t believe everything you read in the tech headlines.
In our next...
Typically, when manufacturing enterprises start to address IoT cybersecurity, there are the needs they know they have - and then the ones of which they are completely unaware. Entrust's David Low shares what needs to be done and where best to begin.
Roya Gordon of Accenture Security describes how rather than hunting for zero-day vulnerabilities, attackers are exploiting N-Day - or known - vulnerabilities. She also discusses how to better synthesize and act on threat intelligence.
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation's water facilities. They cite "ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices" of U.S. water and wastewater systems.
The latest edition of the ISMG Security Report features an analysis of attempts made by European law enforcement to encourage young cybercriminals to channel their skills in more ethical ways. Also featured: Fraud detection and response; inspiring behavioral change.
In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.
The expanded recall of insulin pump devices due to vulnerabilities that pose the risk of injury or death to patients and a recent malpractice lawsuit alleging that the effects of a ransomware attack led to a baby's death are the latest warnings of dangers posed by security issues in medical gear.
The Food and Drug Administration on Tuesday issued a warning notifying patients that medical device maker Medtronic has expanded a recall of remote controllers for certain wireless insulin pumps that were part of an earlier recall. The FDA has classified the recall as the most serious type due to issues that could...
The Food and Drug Administration has issued a new best practices document for healthcare industry stakeholders and government agencies to use when communicating medical device vulnerabilities to patients and caregivers.
A security researcher who goes by the alias Watchful_IP has discovered a command injection vulnerability that could potentially affect millions of Hikvision's IoT devices. The video security solutions provider says it has fixed the flaw and rolled out a firmware update for its end users.