Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
A Food and Drug Administration warning regarding security vulnerabilities found in certain infusion pumps of one vendor will likely be followed by cybersecurity alerts about flaws in medical devices from other manufacturers.
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
Security vulnerabilities in certain infusion pumps manufactured by Hospira could allow an unauthorized user to alter the dose the devices deliver, the FDA warns. Just a few months ago, the FDA issued a medical device security guide.
After recently announcing an investigation, Sally Beauty Supply now confirms that it has "sufficient evidence to confirm that an illegal intrusion into our payment system has indeed occurred." The retailer reported a similar breach in March 2014.
The FTC will not call a witness to refute damaging testimony by a former employee of Tiversa, the firm at the center of the FTC's security case against medical testing company LabMD. The case could proceed to closing arguments in the coming weeks.