Medical device vendor Becton Dickinson and U.S. federal regulators have issued security alerts about vulnerabilities that potentially put certain infusion pump products from the manufacturer at risk for remote hacker attacks.
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
Tens of thousands of minors on Instagram expose their email addresses and phone numbers, which child-safety and privacy experts say is worrisome. The kids have turned their profiles from personal ones to business ones, which Instagram mandates must have contact details. But is that appropriate for a child?
An essential component of a vendor risk management program is to understand how an organization's risk posture changes when a new vendor is added - especially if they have subcontractors, says Jagdeep Singh, CISO at InstaRem, a Singapore-based fintech company.
Digital transformation impacts the way that organizations deal with cybersecurity risk, says Tim Wilkinson of Avast Business, who provides advice on how to place security at the center of the transformation.
Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.
Crowdsourced bug bounty programs help organizations identify severe vulnerabilities in their apps and infrastructure. But that gamification model has been evolving to supply not only penetration testing but also deep dives by single researchers, says Bugcrowd CSO David Baker.
A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices.
Britain's biggest businesses continue to inappropriately expose servers and services to the internet, putting the organizations and data at risk, according to a study by Rapid7. Tod Beardsley describes the findings, including a widespread lack of phishing defenses as well as cloud misconfigurations.
Hacking and extortion attempts against organizations have unfortunately become all too commonplace these days. On Tuesday, an unlikely victim went public: the British band Radiohead. But was the band really a hacking and extortion victim?
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.