The FTC rejected arguments from major technology companies and trade groups that independent repair shops increase risks to data security. That could help propel the "right to repair" movement, which contends manufacturers use anticompetitive tactics to lock consumers and independent repairers out.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
With all the talk of sophisticated adversaries and evolving threats to users and devices – what about threats to building management systems? Jeremy Morgan of Industrial Defender discusses this threat landscape and the role of automated tools to defend it.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
The FIDO Alliance, an association that has developed voluntary authentication standards with a goal of minimizing the use of passwords, has launched an onboarding protocol for IoT devices that's designed to enhance security.
Law enforcement agencies use forensics tools from Israeli company Cellebrite to gain access to locked mobile devices and extract data. But the creator of encrypted messaging app Signal says he's found vulnerabilities in Cellebrite's tools, raising questions about whether the extracted data can be trusted.
Given the surge in the use of telehealth during the COVID-19 pandemic - and expectations for continued growth - the Healthcare and Public Health Sector Coordinating Council has unveiled guidance on safeguarding patient data during remote care encounters.
A bombshell news report suggests that Dutch mobile network provider KPN in 2010 didn't know if one of its major equipment suppliers - China's Huawei - was spying on users. Viewed 11 years later, the report stands as a reminder to constantly review and address risks posed by suppliers.
Adopting the "zero trust" model is essential to ensuring security as organizations use more IoT devices, says Fred Streefland of Hikvision, a Chinese company that manufactures video surveillance equipment. He addresses misconceptions about the model.
More precise and pervasive cybersecurity threat modeling during manufacturers' development of medical devices - and also during the regulatory product review process - is critical for risk mitigation, says Kevin Fu, new acting director of medical device cybersecurity at the FDA.
When a breached organization such as Ubiquiti says it is "not currently aware of evidence" that attackers stole customer data, it too often means: "We don't know, because we failed to have in place the robust logging and monitoring capabilities that might have provided us all with real answers."
IoT device manufacturer Ubiquiti revealed in a security notice that an attacker had attempted to extort money from the company following a December 2020 cyber incident - a fact not mentioned in the company's earlier notice about the attack.
Android device users are being targeted by a sophisticated spyware app that disguises itself as a "system update" application, warns mobile security firm Zimperium. The app can steal data, messages and images and take control of phones.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.