A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Recently, the FDA was forced to recall a series of insulin pumps because of cybersecurity vulnerabilities that could have left the devices open to hackers. Jesse Young of QED Secure Solutions, one of the researchers who discovered this vulnerability, discusses key medical device security issues.
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.
The battle between Huawei Technologies and the White House continues to intensify, with the Chinese manufacturing giant accusing the U.S. of "using every tool at its disposal" to disrupt its business, including cyberattacks and employee intimidation.
An extraordinary iPhone hacking campaign revealed by Google last week may be linked to other Android spying campaigns focused on websites related to the Uyghurs, a Chinese Muslim minority group, and the East Turkistan region of China, according to new research from Volexity.
Deploying deception technology can give organizations a leg up when it comes to more quickly spotting and responding to data breaches, provided they configure and utilize the technology appropriately, says Rocco Grillo of the consultancy Alvarez & Marsal.
Nation-state actors, cybercriminals, hacktivists - each of these adversaries poses threats to enterprises. But how can organizations prioritize the threats and respond based on business risks? Craig Harber of Fidelis Cybersecurity discusses advanced threats and how to raise the bar on response.
India has set a lofty goal of building its gross domestic product to $5 trillion by 2024, nearly double the current $2.8 trillion economy. If the cybersecurity sector can rapidly expand, it could play a role in fueling economic growth.
Providence Health Plan says some of its members were among the nearly 3 million individuals affected by a data breach revealed by health plan administrator Dominion National in June. What lessons are emerging from that security incident and others involving third parties?
Security needs to be reinvented for the internet of things, and start-up companies can play a critical role, says Robin Saxby, the former CEO and founder of Arm Holdings, a U.K.-based semiconductor company, who now invests in start-up firms.
Do criminal organizations prefer to target organizations that hold cyber insurance policies? A ProPublica report suggests that because cyber insurance policyholders are more likely to pay ransoms, they're a more frequent target. But some cybersecurity experts have expressed skepticism.
Bulgaria's Personal Data Protection Commission has fined the nation's tax agency $2.9 million for failing to stop a breach that leaked tax records for nearly all of the country's citizens. Meanwhile, prosecutors have filed related criminal charges against employees of a penetration testing company.
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
A federal grand jury indictment of Seattle software engineer Paige A. Thompson charges her with stealing 100 million records from Capital One, stealing data from at least 29 other organizations, as well as using hacked cloud computing servers to mine for cryptocurrency.