Microsoft's IoT platform, Azure Sphere, which launched in February, is the company's bet to address the growing security and management problems around connected devices. A three-month bug bounty program for the platform resulted in resolving a number of vulnerabilities and awarding $374,000 in bounties.
Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
A recently uncovered business email compromise scam that's targeting executives' Microsoft Office 365 accounts has hit over 150 organizations worldwide so far and netted the scammers about $15 million, according to incident response firm Mitiga.
Legislation that establishes minimum security standards for IoT devices procured by the federal government is moving closer to becoming law. A bill has passed the House, and chances are likely better than ever for Senate support following a rewrite of parts of the bill.
William Dixon of the World Economic Forum is calling for the formation of a "quantum computing security coalition" to help build trust in the technology, which could play a key role in enhancing security.
Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit. The malware is being used to launch DDoS attacks as well as mine for cryptocurrency.
The hacking group "Pioneer Kitten," which has suspected ties to the Iranian government, is taking advantage of several unpatched vulnerabilities and using open source tools to target U.S. businesses as well as federal government agencies, according to the Cybersecurity and Infrastructure Security Agency.
Federal authorities and medical device maker Philips have issued security alerts about security vulnerabilities in some of the company's patient monitoring software. Until patches are available, the company is recommending risk mitigation steps.
The security firm Positive Technologies discovered six vulnerabilities in Palo Alto Networks' PAN-OS, the software that runs the company's next-generation firewalls. The firewall developer has issued patches.
TeamTNT, a recently uncovered hacking group, is weaponizing Weave Scope, a legitimate cloud monitoring tool, to help install cryptominers in cloud environments, according to reports from Intezer and Microsoft.
Several cities in the Netherlands have installed IoT traffic lights. But researcher Rik van Duijn says his team found security problems that could enable attackers to remotely trigger the lights.
The U.S. Cybersecurity and Infrastructure Security Agency is ordering most executive branch agencies and departments to create vulnerability disclosure programs by March 2021. Some agencies, such as the Pentagon, already have robust programs in place.
Two recent hacking incidents that each affected more than 100,000 individuals illustrate the variety of cyberthreats healthcare organizations face during these chaotic times. Security experts offer risk mitigation insights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.