Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights.
A court has preliminarily approved Lenovo's proposal to pay $7.3 million to settle a consolidated class action lawsuit filed over its preinstallation of Superfish adware onto laptops purchased by 800,000 consumers. Superfish, which has dissolved, already reached a $1 million settlement agreement.
A British lawmaker has obtained sealed U.S. court documents to reveal internal Facebook discussions about data security and privacy controls, as Parliament probes Facebook and other social media firms as well as Russian interference and fake news.
Australian human resources software developer PageUp says it has found "no specific evidence" that attackers removed data after the company warned in May that it had been breached. But investigators have found that attackers installed all of the tools they would have needed to exfiltrate data.
Cryptocurrency offers both immediacy and anonymity - traits that are attractive to threat actors looking to exploit organizations via ransomware or cryptomining. Laurence Pitt of Juniper Networks discusses why healthcare entities are uniquely vulnerable.
A structured approach is needed to efficiently establish and operate a modern SOC, says Gartner's Pete Shoard. Key steps, he says, include creating the right requirements, planning contextually and choosing the right tools and strategies.
ISMG's Security Summit in Mumbai on Nov. 29 will offer insights from CISOs and other experts on hot topics, including setting the boardroom security agenda, using cyber threat intelligence, preventing fraud through the use of blockchain, securing digital payments and preparing for a breach notification law.
Amazon has blamed a technical error for its inadvertent exposure of some customers' names and email addresses online. The online retailing giant maintains that its systems were not breached. It says it's sent an email notification to all affected customers and that the problem has been fixed.
In the latest edition of the ISMG Security Report, Asaf Ashkenazi of the mobile security firm Inside Secure discusses new threats to car security posed by certain smartphone apps. Plus, updates on behavioral authentication and protecting "very attackable people" from hackers.
A vulnerability in a U.S. Postal Service application for tracking mail in real time reportedly allowed anyone logged into the service to view personal data, and it persisted for more than a year after USPS failed to heed a warning from an anonymous security researcher.
Cybercrime gangs continue to update or issue fresh versions of malware to mine for cryptocurrency, deliver crypto-locking ransomware, steal passwords and facilitate online bank account heists, according to new research reports.
For nearly 30 months, internet traffic going to Australian Department of Defense websites flowed through China Telecom data centers, an odd and suspicious path. Why the strange routing occurred is known. But the reasons why it persisted for so long aren't.
What are the key differences between building a SOC for a large enterprise vs. for a small to midsized organization? Trustwave's Kory Daniels explains the distinction and outlines the must-have skills.
How have cyberattacks evolved in 2018? Cisco's Paul Singleton describes the common threats and vectors, as well as why it's important to know exactly who your attacker is - and how they are exploiting your defenses.