Millions of connected devices already have been potentially compromised - inside and outside of the enterprise. Phil Marshall of Tolaga Research is concerned about when and how attackers will take advantage of these in the next big IoT strike.
AusCERT is one of the oldest CERT's in the world, and Phil Cole says the independent organization is now laser-focused on helping enterprises across sectors to fundamentally improve their strategies and solutions for incident response.
Two Iranian nationals remain at large after being charged by the U.S. Department of Justice with hacking into a Vermont-based engineering firm and stealing software used to develop projectiles, ranging from bullets to GPS-guided artillery shells and missiles.
Fighting a well-established cyber underground churning out increasingly complex malware requires that defenders change tactics to make it far more difficult for attackers to succeed, says Sajan Paul of Juniper Networks.
Dow Jones is blaming user error for an Amazon Web Services S3 bucket misconfiguration that exposed data on about 2.2 million customers. In recent months, Verizon, WWE, Scottrade and a data analytics firm aligned with the Republican Party have been similarly caught out.
An investigation into a single IP security camera has unfolded into yet another worrying finding in the land of the internet of things. Millions of IoT devices may have a remotely executable buffer overflow in an open-source code component, according to cybersecurity company Senrio.
Package-delivery giant FedEx is warning that the global outbreak of NotPetya malware will "materially impact" profits; its TNT Express international delivery service continues to experience "widespread service delays" as it struggles to restore crypto-locked systems.
What trait does a global cyberattack and a hurricane share? Both could cost insurers - and victims - dearly. In a new report, Lloyd's of London estimates that a major cloud services attack could trigger $53 billion in losses and cleanup costs.
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
The plaintiffs who are suing Donald Trump's presidential campaign for conspiring with Russia and WikiLeaks over disclosing their private information stolen from Democratic Party computers could declare a moral victory even if they lose their case. Could exposing the truth be their ultimate goal?
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?
New cybersecurity legislation under consideration in Singapore would make it mandatory for owners of critical information infrastructure to report security breaches within hours and require cybersecurity vendors providing highly sensitive services to be licensed.