Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of internet-connected devices has 19 flaws that need fixing. Developer Treck has issued fixes, but how many vulnerable devices will end up patched?
The Trump administration's continued press against China snared an unintended victim: America's own influence over 5G standards development. But the U.S. Commerce Department says a new rule will free U.S. firms to work with any company, including China's Huawei, on developing new telecommunications standards.
Southeast Asia has become a hotbed for cybercrime activities, says Anthony Bargar, former deputy CISO of the U.S. Department of Defense, who says enterprises in the region need to take a collaborative defense approach to respond to this new threat environment.
Researchers at MIT and the University of Michigan have uncovered multiple security flaws in the online voting platform OmniBallot which could allow hackers to access and manipulate voter data. The platform is currently in use in three states for military personnel and disabled residents.
The latest edition of the ISMG Security Report discusses Europol's launch of the European Financial and Economic Crime Center, and also details the London Met's perspective on recent cybercrime trends, and to need to maintain a paper audit trail for mobile voting.
Carnegie Mellon University Software Engineering Institute's CERT notification center has posted a warning of a flaw in the Universal Plug and Play protocol that could potentially affect billions of internet-connected devices. If exploited, this flaw could lead to DDoS attacks and theft of data.
A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic.
Perceived wisdom is that mobile voting will be open to significant opportunities for interception, manipulation and nation-state interference. Nimit Sawney, CEO of Voatz, describes the architecture of a secure mobile voting system.
With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose.
Beyond mere information sharing, collective defense is a concept that aligns public and private sectors in a unified front against cyber threats. Bill Swearingen of IronNet Cybersecurity defines the concept and how it's being employed today.
Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
The COVID-19 pandemic has created a new series of cybersecurity challenges for election officials across the U.S., including concerns about the security of mail-in ballots and vulnerable networks for local election workers still working from home, according to a new report.
The latest edition of the ISMG Security Report sizes up progress made so far on identity management and the work yet to be done. Also featured: how security concerns are holding back IoT projects and the privacy issues raised by recording videoconferences.