Say hello to Fruitfly, the first piece of Mac malware to be discovered this year. The two-year-old malicious code is odd - it includes code that dates from the late 1990s - and appears to be designed to exploit biomedical institutions via targeted attacks.
In this edition of the ISMG Report: An FTC complaint filed against a camera manufacturer could signal the start of a trend to regulate IoT security. Also, Donald Trump adviser Rudolph Giuliani's cybersecurity credentials are questioned, and a terrorist shooting prompts new privacy guidance.
Two government agencies have issued alerts about cyber vulnerabilities in certain cardiac devices from St. Jude Medical, which were at the center of a controversial report by an investment firm last year. The device maker, recently acquired by Abbott Laboratories, has issued software updates to address the problems.
A new report from a bipartisan Congressional workgroup examining the benefits and challenges of the internet of things spotlights cybersecurity and privacy as top concerns. But will the new Congress take any action on these issues?
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
Medical device makers need to ensure they have procedures in place to take quicker action once they're alerted of cybersecurity issues in their products, says attorney Yarmela Pavlovic, who specializes in healthcare regulatory issues.
As the Trump administration begins, expect a ramp-up in cyber espionage as well as more "test attacks" by nation-states, says cybersecurity specialist Brad Medairy of the consultancy Booz Allen Hamilton.
The Food and Drug Administration has issued a long-awaited final version of guidance for how medical device manufacturers should help maintain the cybersecurity of network-connected devices once they are in use, spelling out key steps to take.
The emergence of contactless chip payments on mobile phones is changing the way transactions are authenticated and secured, Jeremy King of the PCI Security Standards Council explains in this audio interview.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.
Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
NIST has issued long-awaited guidance on how to approach IT security as an engineering discipline. It's designed to help organizations build secure, trustworthy systems that meet evolving challenges, including the growth of the internet of things.
The success of Operation SAMBRE, a global cybercrime investigation into the theft of billions of dollars from banks throughout the world, proves why information sharing between law enforcement and the private sector is key to battling cybercrime.
It's been a hot topic for years, but we are still only in the earliest stages of ensuring medical device security, according to expert Kevin Fu of Virta Laboratories. In this video interview, Fu discusses how this focus will evolve in 2017.