Federal regulators and medical device maker Medtronic have issued alerts about the lack of encryption on certain cardiac programming devices that could potentially allow inappropriate access to patient information.
Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro says Twitter has blocked an account that was posting image memes designed to remotely control malware-infected PCs.
The battle against Russian disinformation is far from over. Two in-depth Senate reports have revealed that such campaigns continue despite efforts by social media companies to cleanse their platforms. Researchers say Facebook's Instagram may be the next battleground.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
Democratic senators have introduced yet another version of data security legislation that would create a federal breach notification requirement. Meanwhile, the Center for Democracy & Technology has drafted a model for a broad national privacy bill.
In the aftermath of the Marriott breach, it's fair to characterize Gartner's Avivah Litan as mad as hell and not wanting the U.S. to take it anymore. Going into 2019, Litan has policy and technology recommendations for national cyber defense.
Ireland's privacy watchdog is probing data breaches at Facebook that exposed users' private data. In the latest breach to be disclosed, Facebook has warned that for a 12-day period in September, up to 6.8 million users' private photos may have been revealed to 1,500 apps built by 876 developers.
For the second time this year, health insurer EmblemHealth has been hit with a state financial penalty in connection with a 2016 breach that exposed Social Security numbers on mailings to more than 81,000 plan members.
Organizations are increasingly moving their mission-critical applications and data to Amazon Web Services (AWS) and taking advantage of the massive compute power of Amazon Elastic Compute Cloud (Amazon EC2).
Super Micro Computer says a third-party audit of its recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.
By building in some risk intelligence upfront, organizations can upgrade their security operations centers and reduce the noise from the sheer volume of alerts and false positives, says Ganesh Prasad of RSA, who shares insights.
In the wake of the recent Marriott and National Republican Congressional Committee data breaches, now is the time to get your board's attention regarding breach response and public disclosures. Attorney Mark Rasch offers insights for preparing and practicing response plans.
The data being used to drive effective anti-fraud efforts can be rich in context and useful for other activities. Jim Apger of Splunk describes emerging fraud schemes and solutions, highlighting the role of machine learning.
The fraudsters have more tools and information than ever at their disposal to pull off socially engineered schemes. But how can the victims turn the tables? Agari's Andrew Coyle discusses new tools and strategies to improve defenses.
The lack of standardization is one of the significant challenges when securing OT environments. Customizing and aligning OT security with the business is key, says Uday Deshpande, CISO at Mumbai-based L&T Group.