Among the simplest things that vendors can do to help improve the cybersecurity of their products is providing better transparency, especially regarding the third-party components contained in their technology, says Rob Suárez, CISO of medical device maker Becton Dickinson.
The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.
As staff increasingly connect to networks using internet of things devices, researchers have found a new way of detecting malware on IoT devices. The method leverages electromagnetic field emanations and can detect stealthy malware on the devices even in the presence of obfuscation techniques.
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems (ICS) and has become the primary attack vector for many industrial organisations in 2021. Once a problem that only affected IT infrastructure, incidents like Colonial Pipeline, Honeywell, and JB Foods showed...
Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.
Preventing rogue device attacks is a critical component of Baptist Health's zero trust strategy, says Michael Erickson, CISO of the healthcare delivery system, which operates nine hospitals and other care facilities in Kentucky and Indiana.
The Cloud Security Alliance's new medical device incident response playbook aims to help healthcare entities plan for security incidents involving different types of devices, taking into consideration varying patient safety issues, say co-authors Christopher Frenz of Mount Sinai South Nassau and Brian Russell of...
As Russia masses troops on its border with Ukraine, the White House says Russian disinformation campaigns have been aimed at destabilizing Ukraine's government, while experts have seen a surge in "cyber intrusions" against infrastructure, banking and government targets in advance of a potential invasion.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
While there are many solutions that claim to simplify certificate lifecycle management, not all of
them are built to address the unique complexities of today’s expansive and distributed digital
When evaluating a certificate management solution, it is important to look for
key capabilities that...
Could the internet of things be made more secure? A draft law in Britain would impose stronger cybersecurity regulations for manufacturers, importers and distributors of smartphones, TVs, toys and other "connected" digital devices, backed by the threat of fines of up to $13 million for noncompliance.
The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.
The rise of 5G for business is accompanied by anticipation, but also anxiety. Will the expanded footprint of IoT create an unwieldy attack surface? Will the latency benefits of edge computing be worth creating a potential new strike vector? Don’t believe everything you read in the tech headlines.
In our next...