Information security weaknesses that a watchdog agency found at the FDA are similar to those found at many healthcare organizations, some security experts say. But the FDA should be held to an even higher standard than the organizations that implement FDA-regulated drugs and devices, they argue.
Britain's privacy watchdog agency has slammed the telecommunications company TalkTalk with a record fine of £400,000 ($511,000) for multiple information security failings that allowed a hacker to bypass access controls and exfiltrate customer data "with ease."
Britain has launched a new National Cyber Security Center to help U.K. organizations better respond to cybersecurity incidents. But Brexit is imperiling intelligence-sharing arrangements that help the U.K. battle attacks and track cybercriminals.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
In this in-depth interview, cybersecurity researcher Jay Radcliffe explains flaws he identified in certain Johnson & Johnson wireless insulin pumps that make them vulnerable to hacker attacks. His discoveries led the device maker to issue warnings to patients and physicians.
Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss offers new ideas for how security leaders can better manage and secure identities.
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Enterprises should employ new modeling, simulation and intelligence tools to provide insight into potential exploitable attack vectors before an incident occurs, Michelle Cobb, vice president at Skybox Security, says in a video interview.
Bad news: A developer has released the source code for Mirai malware, which is designed to automatically find and hack internet of things devices, turning them into DDoS cannons. The malware has been tied to recent record-smashing DDoS attacks.
Even though the U.K. is preparing to exit the EU, British businesses must prepare to comply with GDPR, the EU's new data privacy law. That's the message from the new U.K. information commissioner, who oversees enforcement of the country's privacy laws.
In a video interview, Troy Leach, CTO of the PCI Security Standards Council, explains enhanced standards designed to help ensure that POS vendors can stay ahead of new attacks aimed at defeating encryption.
The Yahoo breach - and the theft of unencrypted security questions and answers - is a reminder to use unique passwords and security questions, store them using a password safe and take advantage of two-factor authentication whenever it's available.
Want to build a cybercrime empire predicated on selling stolen payment card data? Here's how carder forum Vendetta Network blends outsourcing, partnerships and best-of-breed tools to maximize profits while minimizing risk.
Blunting Yahoo's attempt to blame nation-state attackers for its record-breaking breach, security firm InfoArmor says it's traced the 2014 hack to a cybercrime gang that's quietly resold the stolen data several times over.