A list of "super user" passwords - and a default username - now circulating online appears to allow unauthorized access to some webcam video streams, security researchers warn. If confirmed, it would be yet another massive internet of things security failure by a device manufacturer.
In an in-depth audio interview, Troy Leach of the PCI Security Standards Council describes just-released guidance that's designed to help organizations simplify network segmentation, a practice the council strongly recommends to help protect payment card data.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
So, if 2016 was the year when mobile security threats finally started to materialize and mature, what can we expect to see in 2017? Tom Wills of Ontrack Advisory shares insight on the mobility threatscape and new enterprise solutions.
A Danish telecommunications company says it has seen successful DDoS attacks directed at enterprise firewalls that could be launched using only a single laptop.
U.K. Chancellor Philip Hammond used the launch of Britain's new five-year National Cyber Security Strategy to trumpet the country's strike-back capabilities. But other parts of the strategy - including more automated defenses - hold much greater promise.
The Domain Name System is crucial to the functioning of the internet, but largely taken for granted - until it breaks. In an audio interview, Cricket Liu of Infoblox discusses how DNS providers must improve security.
A potentially explosive story suggests that there were secret communications between Russia and U.S. presidential candidate Donald Trump's business. But computer security experts have dismissed the report, saying it's based on a flawed interpretation of technical information.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
Cybercriminals are continuing to refine their art: Researchers say there are now more than 200 ransomware families, which complicates ongoing attempts to disrupt such attacks.
Even though the U.K. is preparing to exit the EU, British businesses must prepare to comply with GDPR, the EU's new data privacy law. That's the message from the new U.K. information commissioner, who oversees enforcement of the country's privacy laws.
Cisco has patched another zero-day flaw stemming from the Shadow Brokers' leak of Equation Group tools and attack code. The technology giant warns that attackers have been exploiting the vulnerability.
All in the family: A "sophisticated attacker" alert from US-CERT, urging enterprises to lock down their networking gear, was triggered by the leak of exploit tools - targeting, in part, U.S.-built networking gear - that may have been tied to the NSA.
A newly released email shows that former Secretary of State Colin Powell gave some bad advice to Hillary Clinton regarding use of personal devices that could have put national security at risk.
The breach of porn site Brazzers - which allows users to swap fantasies in online forums - begs the question of how many users employed throwaway usernames and passwords. Some 1,446 U.S. military and 41 U.S. government email addresses were found in the data dump.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.