Facebook is suing NSO Group, a spyware company, alleging it developed a potent exploit to spy on WhatsApp messages sent by diplomats, journalists, human rights activists and political dissidents. Facebook is seeking damages and an injunction forbidding NSO Group from accessing its infrastructure.
The use of new standards can help strengthen cybersecurity risk management of medical devices at the Department of Veterans Affairs as well as other healthcare organizations, says Anura Fernando of UL, which recently completed a study with the VA examining gaps in medical device cybersecurity approaches.
What is the risk of having too many cybersecurity tools? Compromised visibility because of "tool sprawl," say Brian Murphy and Seth Goldhammer of ReliaQuest. Enterprises are now awakening to this challenge and attempting to overcome it.
According to Ricardo Villadiego, Lumu Technologies' Founder and CEO, organizations are "sitting on a gold mine: their own data". Under the single premise that organizations should assume they are compromised and prove otherwise, Lumu seeks to empower enterprises to answer the most basic question: Is your organization...
The threat and risk surface of internet of things devices deployed in automobiles is exponentially increasing, which poses risks for the coming wave of autonomous vehicles, says Campbell Murray of BlackBerry. Large code bases, which likely have many hidden software bugs, are part of the problem, he says.
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Federal regulators are proposing a "safe harbor" that would permit hospitals to donate certain cybersecurity software and services to physicians. The move would modify the so-called Stark Law and federal anti-kickback regulations.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Connected devices - the sheer number of them and the scale of the cybersecurity risks they pose - are a top concern in 2020 and beyond, says Robert Falzon of Check Point Software Technologies, who weighs in on the threats and technologies he's watching.
5G is coming, and with it comes the promise of connectivity on an unprecedented scale. And then there are the security concerns about infrastructure, connected devices and a new multifaceted attack surface. Olivera Zatezalo of Huawei Technologies Canada discusses these concerns.
Healthcare organizations can take steps to start mitigating risks while awaiting vendor software patches to address URGENT/11 IPnet vulnerabilities in their medical devices, says researcher Ben Seri of security firm Armis, which identified the flaws.
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
A bipartisan group of lawmakers has introduced a bill to help U.S. telecommunications providers "rip and replace" any Chinese-built networking equipment. The move comes as many experts warn that using Huawei or ZTE 5G equipment poses an unacceptable national security risk.
The Food and Drug Administration has issued an alert warning healthcare organizations about 11 vulnerabilities dubbed "URGENT/11" involving IPnet, a third-party software component that may introduce risks for certain medical devices and hospital networks.