IoT devices are generating duplicate prime numbers while generating RSA keys, putting them at risk of a factoring attack, according to new research, which shows such an attack could be done at scale and at a low computing cost.
To help enhance security, Firefox extension developers will be required to set up their accounts to support two-factor authentication beginning early next year, Mozilla, the open source community that supports the browser, has announced.
Fraud prevention is a perpetual cat-and-mouse game as fraudsters develop new tools and uncover new ways to monetize their activities, says Anthony Cardoza of XTN Cognitive Security, who offers defensive insights.
Improving the security of diverse medical devices is a major challenge for a variety of reasons, according to security leaders at two device manufacturers, who spell out the key issues in this interview.
The gang behind Maze ransomware has begun publicly identifying its victims and listing data that it exfiltrated from systems before leaving them crypto-locked. The intent is clear: By naming and shaming victims, the Maze gang is trying to compel them to pay.
Blue Cross and Blue Shield Minnesota is reportedly racing to address tens of thousands of security vulnerabilities after a whistleblower on the health insurer's security team alerted the company's board of trustees about the problems. Why do some companies lag on addressing security issues?
Suspicious code uploaded to VirusTotal points to Ryuk ransomware being used in a crypto-locking malware attack against New Orleans. Mayor LaToya Cantrell has declared a state of emergency and the city is continuing its recovery, noting that no emergency services have been affected.
Encrypted chat and messaging application Keybase has found out what happens when you wrap a cryptocurrency giveaway into your service. In short: Everyone comes out the woodwork to try to get a slice of the pie.
Several sophisticated cybercriminals gangs are targeting "fuel dispenser merchants" throughout North America, in some cases by planting malware within corporate networks to steal payment card data, Visa warns in a new alert.
What connected devices are sneaking into the enterprise, and the advent of 5G technology only broadens the potential attack surface. Diana Kelley of Microsoft discusses the growing risks from connected devices and how to approach mitigation in 2020.
How confident are security leaders in their enterprise cybersecurity posture? And in turn, how are business leaders marketing cyber confidence to customers and partners? Alex Pitigoi of Nominet shares insights and analysis from new research.
Even in the post-EMV era, payment card data is very much thriving on the dark web. Why is data still so accessible to fraudsters, and how can card issuers and merchants alike improve card data security? Christine El Eris of Fiserv discusses fraud trends.
Just by using the term "artificial intelligence," we're already having the wrong conversation about machines and cybersecurity, says Chris Calvert of Respond Software. What conversations should we be having? Calvert discusses the proper balance of humans and machines.