IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
IoT botnets, the term for armies of hacked internet-connected devices, aren't going away. And an anecdote from the field shows the gravity of the problem and why it's unlikely to be resolved any time soon.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
The U.S. intelligence community has blamed the Russian government for attempting to interfere in U.S. elections by hacking and leaking documents. It also said Russia could be behind recent attempts to probe states' election systems.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Even though the U.K. is preparing to exit the EU, British businesses must prepare to comply with GDPR, the EU's new data privacy law. That's the message from the new U.K. information commissioner, who oversees enforcement of the country's privacy laws.
Blunting Yahoo's attempt to blame nation-state attackers for its record-breaking breach, security firm InfoArmor says it's traced the 2014 hack to a cybercrime gang that's quietly resold the stolen data several times over.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
As the U.S. ramps up its migration to EMV chip payments over the next three to five years, fraudsters will shift their attention to mobile wallets, says Al Pascual of Javelin Strategy & Research, who describes why in this video interview.
Most enterprises, when addressing mobile security, focus on securing applications, such as the devices' operating systems, or preventing the installation of malware. But NIST cybersecurity experts say organizations should take a much broader approach to ensuring mobile security.
Apple-FBI crypto debate update: A researcher successfully defeated an iPhone passcode using less than $100 in equipment. But the delicate procedure, if used on the San Bernardino shooter's iPhone, could have accidentally obliterated its data.
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.