Several prominent business executives and politicians, including Joe Biden, Elon Musk and Bill Gates, had their Twitter accounts hijacked in what appears to be a cryptocurrency scam, according to news reports. Some security experts believe that two-factor authentication protections failed.
Some units within the U.S. Energy Department lack adequate security controls and practices to mitigate risks posed by peripheral devices, such as USBs, printers, scanners and external hard drives, according to an inspector general report.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
The British government has officially reversed course and will now ban Huawei's telecom gear from its 5G networks. The ban on use of the Chinese firm's equipment, based in part on U.S. sanctions against the manufacturer, goes into effect at year's end.
An Israeli court has dismissed a petition filed by Amnesty International that sought to revoke the security export license of NSO Group, a tech firm that's been accused of selling hacking tools to governments for targeting dissidents, journalists and lawyers.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
Enterprises want to make greater use of connected devices to develop new services and gain efficiencies, but security is a paramount concern. Piers Hogarth-Scott and Katherine Robins of KPMG break down the risks and the challenges around IoT security.
The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.
Manufacturers are increasingly adding connectivity to everyday devices, but it's not always evident how privacy and security is managed. Detailed technical labels could give purchasers more insight, says Pardis Emami-Naeini, a post-doctoral scholar at Carnegie Mellon University.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
Check Point Research reports that a new version of the Joker mobile malware that infects Android devices has emerged. The malware, hidden in apps in the Google Play store, has once again evaded Google's security tools.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
As cyberthreats facing healthcare organizations soar, medical device maker Becton, Dickinson and Co. has ramped up its process for coordinated disclosure of vulnerabilities to help identify, assess and communicate issues to regulators and industry stakeholders, says BD's Dana-Megan Rossi.