The Department of Homeland Security and Philips have issued alerts about cyber vulnerabilities that have been identified in some of the company's medical devices. Are device makers becoming more forthcoming about cyber issues?
A cryptocurrency investor is suing AT&T for $240 million, alleging he lost $24 million in virtual currency after the carrier failed to stop two separate attacks where his phone number was commandeered by attackers. The incident highlights the dangers of using a phone number as an authentication channel.
The Meltdown and Spectre attacks from earlier this year showed how the quest to make CPUs run faster inadvertently introduced serious security vulnerabilities. Now, researchers have unveiled a new attack called Foreshadow that builds on those findings, affecting millions of Intel processors made over the past five...
Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
The FBI warns that cybercriminals are planning a large-scale operation aimed at emptying ATMs, a type of attack that has caused swift and costly losses for financial institutions. The attack may utilize data from a breach of an unknown card issuer, the FBI says.
Cybercriminals in Brazil have capitalized on older vulnerabilities in D-Link routers for financially motivated phishing attacks. The attackers changed DNS settings to use their own malicious DNS server, allowing for seamless shifts to phishing sites.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Hubris has a new name: Bitfi. The cryptocurrency wallet-building company, backed by technology eccentric John McAfee, earned this year's not-so-coveted Pwnies Award for "Lamest Vendor Response" for how it mishandled security researchers' vulnerability disclosures. Bitfi has promised to do better.
Espionage: Every nation does it. But for nation-state hacking that targets intellectual property or interference in political affairs, the U.S. has been using criminal indictments against individuals as a diplomatic way of saying: "We see what you're doing, now knock it off." But does it work?
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
The FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and attachments with malware, federal prosecutors allege. The group's success - 15 million stolen payment cards and counting - is one measure of how difficult these types of attacks are to block.
The cost of the city of Atlanta's mitigation and subsequent IT overhaul following a massive SamSam ransomware infection in March could reach $17 million, of which $6 million has already been budgeted for new devices, security enhancements as well as upgrades, according to news reports.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.