Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
Certain Geeni doorbells and security cameras made by IoT company Merkury Innovations contain serious flaws. The flaws will be fixed this month, more than three months after the company was notified. Major retailers, including Walmart, Amazon and Home Depot, sell the devices.
The U.S. federal government is increasingly using IoT devices across its agencies, which has raised concerns about security. NIST has published draft guidance to help federal agencies navigate safe IoT deployment and use, says Kat Megas, program manager in NIST's Cybersecurity for IoT Program.
An organization that administers a children’s dental and health insurance program in Florida took down its online application platform after it discovered the company that hosted its website apparently failed to address vulnerabilities over a seven-year period, resulting in the exposure of personal data.
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
Singapore is expanding a labelling program that allows buyers to see at a glance the cybersecurity readiness of a consumer IoT device. The country's Cyber Security Agency will extend the voluntary program to IP cameras as well as smart door locks, lights and printers.
A recently discovered 10-year-old bug, if exploited, could give hackers root access to vulnerable Linux and Unix operating systems, according to Qualys. Security experts are urging users to immediately implement a patch to mitigate the risk.
The number of distributed denial-of-service attacks launched in 2020 surpassed 10 million, up from 8.5 million in 2019, according to NetScout's Atlas Security Engineering and Response Team.
Manufacturing System Protection from Cyber Attacks Industry 4.0 drives manufacturing efficiency by connecting systems to automate, share data, consolidate operations, and streamline production.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.
Email security provider Mimecast says hackers compromised a digital certificate that encrypts data that moves between several of its products and Microsoft's servers, putting organizations at risk of data loss.
Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.
Microsoft is tackling IoT device security challenges with the Azure Sphere platform. Galen Hunt, Azure Sphere's managing director, describes how the platform draws upon hardware, software and services.
The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents. Meanwhile, it has suspended its use of the hacked SolarWinds' Orion system and changed document security procedures while conducting an audit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.