Could the internet of things be made more secure? A draft law in Britain would impose stronger cybersecurity regulations for manufacturers, importers and distributors of smartphones, TVs, toys and other "connected" digital devices, backed by the threat of fines of up to $13 million for noncompliance.
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
The U.S. government warns all businesses that they're at elevated risk of online attacks during Thanksgiving, given attackers' proclivity to strike on weekends and holidays. The alert is a reminder of the importance of having in place well-practiced incident response plans. Here's where to start.
Many healthcare entities are resistant to implement multifactor authentication, and that is among the most frustrating critical security mistakes that organizations in that sector make, says Tom Walsh, founder of security consultancy tw-Security.
U.S. federal banking regulators have approved a new rule that will require banks to notify regulators no later than 36 hours after the organization determines it has suffered a qualifying "computer-security incident," the nation's top financial agencies announced this week.
Federal regulators and Philips issued advisories pertaining to several security vulnerabilities in certain patient monitoring and medical device interface products from the manufacturer. Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn.
Cyberattacks perpetrated by criminally or financially motivated bad actors in New Zealand have nearly doubled from 14% in 2019-20 to 27% over the past year, according to a cyberthreat report from the country's National Cyber Security Center.
A comprehensive IAM program requires integration with HR and legacy systems to enable multifactor authentication, SaaS, and Identity-as-a-Service to provide secure user access and a secure user experience, says Hong Kong-based Varun Kakkar, group head of cybersecurity at Tricor Group.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
This is the second episode of "The Ransomware Files," a podcast miniseries focused on stories of resilience in the fight against ransomware. An Australian company, Matthews, saw its backups corrupted and attackers release its data. The company recovered however, and has greatly improved its IT security defenses.
Law enforcement and intelligence agencies in the U.S, U.K. and Australia have issued a joint advisory on unidentified Iran government-backed advanced persistent threat actors exploiting Fortinet and Microsoft Exchange ProxyShell vulnerabilities to attack organizations in their respective countries.
A newly identified banking Trojan dubbed SharkBot is now targeting banking and cryptocurrency exchange customers across the U.K., Italy and the U.S. through a sideloading campaign and/or a social engineering campaign.
The specter of the May attack on Ireland's national health service loomed large at the IRISSCON 2021 cybercrime conference in Dublin, as cybersecurity experts gathered to detail the ongoing rise of ransomware and other types of online crime, as well as how to best combat such attacks.
Chipmaker Intel has issued a security advisory for two high-severity vulnerabilities in the BIOS reference code in Intel processors that may allow privilege escalation attacks. The vulnerabilities have a high CVSS v3 score of 8.2.
The network detection and response market is "relatively unchallenged at this point by other markets," and detection is the most important use case, says Nat Smith of Gartner, who shares key findings from the company's report titled Emerging Trends: Top Use Cases for Network Detection and Response.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.