D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.
Sophos is the latest security firm to create a proof-of-concept exploit for the BlueKeep vulnerability in older versions of Windows. The company echoed several government agencies that have urged businesses to patch their devices.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
The firmware of more than 500 Huawei networking products is riddled with security weaknesses that make the vendor risky to use for 5G networks, a new report contends. The study analyzed more than 9,000 firmware images in 558 enterprise products from the Chinese company.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.
Increasingly, cyber attackers are molding technology and human intelligence into blended threats that prey upon vulnerable defenses. Chester Wisniewski of Sophos lays out how organizations can become more mature in preparedness and response.
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.
Not all that crashes has been hacked. To wit, this past weekend there were multiple major outages, including much of Argentina and Uruguay going dark, as well as U.S. retailer Target's system problems leaving customers unable to pay for goods. But none of these outages were due to cyberattacks.
Medical device vendor Becton Dickinson and U.S. federal regulators have issued security alerts about vulnerabilities that potentially put certain infusion pump products from the manufacturer at risk for remote hacker attacks.
When it comes to drivers for implementing and maintaining privileged access management programs, Wallix's Grant Burst says that demonstrating compliance and safety remain top priorities. Another driver, he says, is the sheer interconnectedness of devices - driven by the rise of IoT.
After a two-year absence, the FIN8 hacking group has returned with a new campaign targeting POS machines in the hotel industry with malware in an effort to steal credit card information and other data, according to new research.
The White House budget chief is seeking to delay a ban on the U.S. government using products manufactured by Huawei. In a letter to Vice President Mike Pence, Russell T. Vought, the acting director of the Office of Management and Budget, says organizations need more time to switch suppliers.