Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019. But WD stopped supporting these devices in 2015, which is a reminder that the best way to secure some types of internet of things devices may be to discard them.
Security specialists are offering preliminary feedback on Microsoft's sneak peek at the new security measures to be included in the Windows 11 operating system, which is slated for release in December.
This edition of the ISMG Security Report features an analysis of CISA's finding that agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by properly configuring firewalls. Also featured: Congressman discusses deterring nation-state attacks; insider threat mitigation tips.
Organizations in the middle east need to meet potentially conflicting demands to achieve secure business transformation – blocking more attacks, increasing visibility across endpoints, enhancing their breach defense strategy, while improving incident response times and boosting threat hunting capabilities.
View...
When medical device makers provide a software bill of materials for components contained in their products, it's critical to make that voluminous security information actionable for healthcare customers, says Rob Suárez, CISO at medical device maker Becton Dickinson and Co.
With 80% of data residing in non-production, this provides a rich attack surface for cyber criminals to exfiltrate potentially unsecured data that’s been copied from production.
Join Henry Carse to learn how to automate the securing of lower environments, to prevent data breaches and the costly compliance fines...
The global law enforcement "Anom" honeypot operation racked up impressive statistics for the number of criminals tricked into using the encrypted communications service. Psychology was at play: Officials say users flocked to the service after they disrupted rivals EncroChat and Sky Global.
Bitcoin has enabled fast payments to cybercriminals pushing ransomware. How to deal with bitcoin is the subject of a spirited debate, with some arguing to restrict it. But bitcoin doesn't always favor cybercriminals, and it may actually be more of an ally than a foe by revealing webs of criminality.
Apple has released patches for two zero-day vulnerabilities and a fix for another security issue, all of which affected devices running iOS version 12.5.3. It says the zero-day flaws are being exploited in the wild.
How can endpoint security tools help in combating attackers who enter organizations by such stealthy means as "living off the land" attacks? In this Tech Spotlight, Adam Licata of Symantec, a division of Broadcom, discusses the new endpoint security challenges for cybersecurity leaders.
In an interview with...
With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.
The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?
Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
Some 26 million passwords were exposed in a 1.2 terabyte batch of data found by NordLocker, a security company. It's workaday botnet data, but it highlights a hostile malware landscape, particularly for people still inclined to download pirated software.
Weeks after VMware issued patches to address vulnerabilities in its vSphere Client (HTML5), threat intelligence firm Bad Packets says threat actors are mass scanning for vSphere hosts vulnerable to remote code execution.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.