A dozen medication and supply management products from Becton Dickinson and Co. are vulnerable to flaws identified last year in the WPA2 protocol, putting the products at risk for so-called KRACK attacks, according to a federal alert. Such attacks can potentially lead to malware infections.
Mark Jaffe is less concerned about how adversaries breach networks, but more concerned about how to secure their actual target - critical data. His startup company, Allure Security, intends to help secure that data.
Fitbit and Google say they are collaborating to accelerate innovation and "transform the future" of digital health and wearables, leveraging cloud computing. Some observers, however, say the partnership also raises privacy, security and patient safety questions.
The managed security services marketplace has matured, says Rick Miller of Trustwave. But persistent myths continue to color perceptions. Miller attempts to shatter those myths and shed light on the market's new realities.
Business email compromise and account takeover attacks haven't faded; they've just morphed. Wes Dobry of Agari discusses the new wave of these attacks and how organizations can do a better job of detecting and responding to them.
Jan Koum, WhatsApp's co-founder, is leaving Facebook. His departure marks another exit of a high-level privacy and security advocate. If Facebook continues to lose those who could better influence the social networking site's worrying views toward user data, what does that mean for the rest of us?
The head of the NSA's Cybersecurity Threat Operations Center says attackers haven't bothered targeting unclassified U.S. Defense Department networks with a zero-day exploit in 24 months. Instead, they attempt to exploit flaws within 24 hours of information of the vulnerability or exploit going public.
Twitter is now caught up in the Cambridge Analytica scandal: The social network sold public Twitter data to Aleksandr Kogan, the same person who sold Facebook data to Cambridge Analytica. Twitter says Kogan obtained no private information on users.
As the head of DevSecOps at Intuit, Shannon Lietz tracks the real-world tactics, techniques and procedures hackers use against her organization. She's cataloged the top 10 application security attack techniques being used against Intuit, which differ markedly from the OWASP top 10.
What are some of the complexities of the EU's General Data Protection Regulation, which will be enforced beginning May 25? Gerald Beuchelt, CISO at LogMeIn, offers compliance insights in an in-depth interview.