The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
The rapid pace of change for the the industrial internet of things will open up new risks for attacks and will require close attention to security, according to a new study from the Lloyd's Register Foundation.
As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.
As the risks to IT and OT converge, organizations must ramp up their threat intelligence information sharing mechanisms and build a more comprehensive cybersecurity policy, says Singapore-based John Lee, managing director of GRF Asia, a federation for building global resilience.
As cyberthreats facing healthcare organizations soar, medical device maker Becton, Dickinson and Co. has ramped up its process for coordinated disclosure of vulnerabilities to help identify, assess and communicate issues to regulators and industry stakeholders, says BD's Dana-Megan Rossi.
The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.
Enterprises need to move away from manual threat detection methods to leverage artificial intelligence, which can help boost defenses, says Dr. Jassim Haji, president of Artificial Intelligence Society, Bahrain Chapter.
If you've managed to equip your home with smart devices and appliances that work properly, you probably think you're all set. But there are no regulations around how long manufacturers must provide security updates, which could mean a smart device could become a risk.
Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according security researchers at Texas Tech University.
Britain's failure to contain COVID-19 - despite Prime Minister Boris Johnson promising a "world-beating" effort - now includes a failed digital contact-tracing app. A new version, built to work with Apple and Google APIs, may be released by winter. Really, what's the rush?
A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic.
Addressing digital payment security challenges requires having good identity verification capabilities as well as a strong authentication process that's friction-free for consumers, says Singapore-based Gautam Aggarwal, senior vice president and regional chief technology officer, Asia Pacific, at Mastercard.