In addition to announcing sanctions against Russia for election-related cyberattacks, the Obama administration has declassified technical information on Russian intelligence services' malicious cyber activities in an effort to help thwart additional attacks.
An analysis of a National Institute of Standards and Technology initiative to identify algorithms that could defend encryption against attacks from quantum computers leads the latest edition of the ISMG Security Report. Also featured: An update on new FDA guidance on cybersecurity for medical devices.
Now that more breaches are targeting industrial control systems, organizations that have paid little attention to operational technology security must ramp up their protection efforts, says breach response expert Christopher Novak of Verizon.
The Food and Drug Administration has issued a long-awaited final version of guidance for how medical device manufacturers should help maintain the cybersecurity of network-connected devices once they are in use, spelling out key steps to take.
With the rise of malware infecting IoT devices, DDoS defenders "have to assume that the attackers have an unlimited supply of machines that they can compromise," says Akamai's Michael Smith. But quarantines, ISP feedback loops and better patch management can bolster defenses.
President-elect Donald Trump names Thomas Bossert as assistant to the president for homeland security and counterterrorism. He'll help lead the shaping of the incoming administration's cyber doctrine and will bring extensive experience to the job, say people who know him.
Security software often generates so many warnings that it can be difficult to figure out which ones are the most serious. How can one differentiate good intelligence from bad? John Watters, founder of iSight Partners, discusses how to separate the signal from the noise.
Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
A variant of malware used to infect U.S. Democratic National Committee systems was also used to infect an Android app used by Ukraine's artillery forces, bolstering attribution of both attacks to Russia, says cybersecurity firm Crowdstrike.
In an effort to help advance secure nationwide health data exchange, federal regulators have released an updated online tool to help healthcare entities and technology developers sort through critical standards and implementation specifications. Learn why some thought leaders are giving the guide a thumbs up.
Memo to would-be cybercriminals: Want to move stolen funds internationally to bank accounts that you control? Need to route the funds to a few money mules to get it laundered? Don't do it from a system tied to an IP address registered to your home.
As cybercriminals continue to wage more sophisticated, well-funded attacks, it's more urgent than ever to attract qualified professionals to careers in cybersecurity, Symantec CTO Dr. Hugh Thompson says in this audio interview.
The Obama administration has failed to reach agreement with 40 other nations on easing restrictions on exports of certain intrusion software, sometimes called "spyware," that could be exploited by repressive regimes - but also could be used to help secure computer systems.
The National Governors Association, in a new road map for improving nationwide secure health data exchange, proposes that states attempt to better align their privacy laws to the federal HIPAA Privacy Rule to help remove legal barriers.
The Shadow Brokers is offering more Equation Group attack tools for sale, payable in bitcoins. Experts say the dump appears designed to deflect attention from Russia's alleged meddling in this year's U.S. presidential election, but it may have originated from a rogue NSA insider.