Vodafone is disputing a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipment could have allowed unauthorized access to its fixed-line carrier network in Italy. The report comes as Huawei continues to face concerns over its engineering practices and government ties.
An independent security researcher is warning about a vulnerability in peer-to-peer software used in millions of IoT devices that could allow a hacker to eavesdrop on conversations or turn these items into a botnet.
Docker, which offers an open source container platform, is notifying users that an intruder briefly had access to sensitive data from 190,000 Docker Hub accounts, or less than 5 percent of Hub users. But the breach has caused a collective gasp because it potentially magnifies risks for enterprises.
The risks posed by third-party vendors are a top concern for Aaron Miri, CIO of University of Texas at Austin's Dell Medical School and its affiliated UT Health Austin group practice. He explains steps he's taking to help mitigate those risks.
Google is facing questions from Congress about Sensorvault, its database that stores the geolocation data of millions of Android users, which has sometimes been shared with police as part of criminal investigations.
Organizations face a variety of security challenges as they attempt to secure their environments from the ever-changing threat landscape. As they look to gain more insight from their security devices, while gaining improved speed to detect and respond, managed detection and response is becoming a go-to solution.
A warning that a smartwatch marketed to parents for tracking and communicating with their children could be coopted by hackers leads the latest edition of the ISMG Security Report. It also reviews how a DNS hijacking campaign is hitting organizations and how "dark patterns" trick users.
Mitigating medical device cybersecurity risks can be a matter of life and death, warns federal adviser and security expert Anura Fernando, who says ensuring that medical device network connections are properly managed, monitored and secured is "much like keeping a weapon in a safe with the safety on."
A "flaw" in the file format of the DICOM standard for communication of medical imaging information could be exploited to hide malware in MRI and CT scans alongside patient data, according to a new research report. But the developer of DICOM contends the feature isn't a flaw and any risks can be mitigated.
U.S. CERT has issued a fresh warning about a newly discovered Trojan called Hoplight that is connected to a notorious APT group with links to North Korea. The malware has the ability to disguise the network traffic it sends back to its originators, making it more difficult to track its movements.
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.