The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
A day after the NSA disclosed a significant vulnerability that could affect the cryptographic operations in some versions of Windows, security researchers started releasing "proof of concept" code designed to show how attackers potentially could exploit the flaw. This highlights the urgency of patching.
As if ransomware wasn't already bad enough, more gangs are now exfiltrating data from victims before leaving systems crypto-locked. Seeking greater leverage against non-paying victims, Maze and Sodinokibi attackers are not just threatening to leak stolen data; they're also following through.
One gaping hole in the U.S. government's push to counter Chinese-built 5G telecommunications gear remains the lack of alternatives. But a bipartisan group of senators is seeking to create a $1 billion fund to create trusted, Western-built options.
Cloud maturity and confidence are growing, but security leaders are still reluctant to host highly sensitive data in the cloud. These are findings of a new Barracuda Networks survey. Chris Hill and Gemma Allen of Barracuda explore the results and what they mean.
While secure coding has always been an imperative, in a cloud-based environment, BMC Software's Rick Bosworth says it is especially critical since the liability does not rest with cloud services providers for secure configuration.
A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. The minimum cost to Equifax will be $1.38 billion.
A new Princeton University research paper finds that five major U.S. prepaid wireless carriers are leaving their customers open to SIM swapping attacks. The main culprit is weak account authentication procedures that attackers can easily exploit.
Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge?
The British government continues to delay deciding whether it will ban Chinese networking gear from its national 5G rollout, as the Trump administration demands. But with future trade deals on the line as the U.K. navigates its "Brexit" from the EU, Britain cannot afford to anger either Beijing or Washington.
The NSA took the unusual step Tuesday of announcing what it calls a "severe" vulnerability in Microsoft's Windows 10 operating systems ahead of Microsoft's Patch Tuesday security update. The flaw could allow attackers to execute man-in-the-middle attacks or decrypt confidential data within applications.
Hackers with ties to the Russian government have targeted Ukrainian natural gas firm Burisma with phishing attacks designed to steal credentials, according to researchers at Area 1 Security. The company is at the center of the impeachment of President Donald Trump.
U.S. Attorney General William Barr is ratcheting up the pressure on Apple to unlock two iPhones belonging to a Saudi national who carried out a deadly shooting in December. The attorney general is labeling the shooting as an act of terrorism and says Apple is hampering a counterterrorism investigation.
Microsoft this week issues the final, free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2. But with one-third of all PCs continuing to run Windows 7, experts are urging organizations to immediately move to a more modern operating system.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.