With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.
A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
Following revelations that commercial spyware vendor NSO Group was able to exploit the latest model of the Apple iPhone to install surveillance software, experts describe how Apple could be doing more to lock down its iOS mobile operating system as well as curtail attacks by making them much costlier to run.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
The FCC has finalized a $1.9 billion plan that will help smaller, rural telecommunications carriers pay to rip and replace technology from the Chinese firms Huawei and ZTE. The commission says using the gear poses a threat to U.S. national security.
Amazon's Alexa virtual assistant device and applications are unlawfully recording and storing highly sensitive and private conversations, including discussions of patient information, that were not meant to be recorded, four healthcare workers allege in a lawsuit seeking class action status.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including cybersecurity trends for the second half of the year, IoT device security and the planned security features for Windows 11.
Google says it's investigating how a text advertisement was injected into SMS messages containing two-step verification security codes. The text advertisement contained a link that redirected to a VPN product from antivirus vendor Avira.
This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
The Centers for Medicare and Medicaid Services is considering new cybersecurity requirements for hospitals participating in Medicare after a watchdog agency recommended CMS should require the facilities to address the cybersecurity of their networked medical devices.
Legacy technology. Connected devices. Third-party access risks. Industrial sites face the same IT and OT challenges as other business enterprises, yet often they are overlooked. Michael Shannon of Cisco shares insights on IT/OT convergence and security transformation.
Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019. But WD stopped supporting these devices in 2015, which is a reminder that the best way to secure some types of internet of things devices may be to discard them.
Security specialists are offering preliminary feedback on Microsoft's sneak peek at the new security measures to be included in the Windows 11 operating system, which is slated for release in December.
When medical device makers provide a software bill of materials for components contained in their products, it's critical to make that voluminous security information actionable for healthcare customers, says Rob Suárez, CISO at medical device maker Becton Dickinson and Co.