A critical component within millions of consumer and enterprise IoT devices has dangerous software flaws. New research from Forescout Technologies into open-source TCP-IP stacks shows millions of devices from 150 vendors are likely vulnerable.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
Microsoft is revamping its controversial "productivity score" in Microsoft 365 so that individual workers can no longer be tracked. The move follows warnings by privacy advocates that the feature was a step too far into the realm of workplace surveillance.
It's understood: Ongoing monitoring of third party relationships is mission-critical. But what constitutes ongoing monitoring? Who should own it? Who should do it? Todd Boehler of ProcessUnity addresses these questions and more.
Fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the FBI warns.
The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.
A hacking campaign in Germany is using compromised websites and social engineering tactics to deliver the Gootkit banking Trojan or REvil ransomware, according to Malwarebytes.
As Asia gears up for the proliferation of 5G in the new decade, DDoS threats are set to explode. Donny Chong of Nexusguard shares key takeaways from a recent ISMG roundtable discussion series
Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
Interpol, Nigerian law enforcement agencies and security firm Group-IB have collectively uncovered a massive Nigerian business email compromise gang that was active across more than 150 countries. Three suspected members have been arrested in Nigeria.
Glen Hymers, CISO and head of data protection at the U.K.-based charity Save the Children International, says adapting to a cloud-first environment requires extensive security measures, including automated monitoring.
Two vulnerabilities in Tesla's keyless entry system allowed researchers to clone a key fob and drive away with a Model X. The electric vehicle manufacturer is issuing over-the-air updates to fix the flaws, which allegedly center on a failure to validate firmware updates and a faulty Bluetooth pairing protocol.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
The U.S. Senate on Tuesday unanimously passed federal IoT security legislation that will require the government to only procure devices that meet minimum cybersecurity requirements. The bill now moves to President Donald Trump's desk.
IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.