Microsoft's IoT platform, Azure Sphere, which launched in February, is the company's bet to address the growing security and management problems around connected devices. A three-month bug bounty program for the platform resulted in resolving a number of vulnerabilities and awarding $374,000 in bounties.
When it comes to a breach and exposed data, a Digital Risk Protection program represents a way to reduce the potential damage. Tyler Carbone of Terbium Labs outlines the essential elements and use cases of a mature DRP program.
Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
In the latest in a series of election security reports from government agencies, the U.S. Department of Homeland Security says Russia poses the most serious nation-state disruption threat to the U.S. presidential election, with China and Iran also posing threats.
Microsoft is warning that hackers with connections to Iran, as well as other threat actors, are attempting to exploit a critical vulnerability in Windows Server dubbed Zerologon, for which it has issued a partial patch.
Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
A recent ransomware attack on a provider of software used by firms involved with COVID-19 vaccine development and other drug clinical trials illustrates increasing cyberthreats facing medical industry supply chain partners.
John McAfee, the founder of the cybersecurity firm that bears his name who also is a serial entrepreneur and a former presidential candidate, has been charged with federal income tax evasion. Plus, the SEC is accusing him of promoting initial virtual coin offerings without disclosing he was paid to do so.
2020's health crisis has created an unexpected boom in telemedicine initiatives. But with this rapid innovation and adoption comes a corresponding uptick in fraud. Dean Nicolls of Jumio Corporation talks about how improving identity verification can help curb the trend.
Organizations around the world must build stronger cyber resilience programs to help ensure they can bounce back from cyberattacks, says Craig Rice, group director of cyber resilience at Aviva, a British multinational insurance firm, who describes how regulatory requirements will evolve.
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
A Chinese-speaking hacking group used a rare Unified Extensible Firmware Interface bootkit dubbed "MosaicRegressor" to target nongovernment organizations and diplomatic missions with an espionage campaign for two years, the security firm Kaspersky reports.