The 30-year-old protocol used by motor vehicle sensors to communicate may have to be rewritten following a proof-of-concept "error flooding" attack that can disable airbags, parking sensors and safety systems.
For just $80 per day, would-be cybercrime entrepreneurs can subscribe to Disdain, a new exploit kit that targets now-patched flaws in browsers and plug-ins, including Flash and WebEx. Disdain's debut shows that while exploit kits may have declined, they haven't died out.
What can CISOs at banks do to help prevent fraud as the region, and in particular India, moves toward achieving a cashless economy? Theo Nassiokas, director, APAC cybersecurity, at Barclays Bank, offers insights in an in-depth interview.
The British security researcher credited with stopping the WannaCry ransomware outbreak pleaded not guilty Monday to charges that he developed and sold a type of malicious software that steals online banking credentials.
How could the private sector benefit from steps federal agencies are taking to improve the cybersecurity of the internet of things and medical devices? In an in-depth interview, two experts at UL who are working closely with the agencies explain the potential impact.
As the GDPR enforcement date edges closer, organizations remain unprepared to comply, says BitSight's Elizabeth Fischer - especially when it comes to vendor risk management. What - beyond contracts - do organizations need?
In the face of advanced persistent threats and attacks, it's critical for organizations to measure vulnerability to threats before applying machine learning tools, says Rohan Vibhandik, a scientist at ABB Corporate Research Center.
Leading the latest edition of the ISMG Security Report: An interview with the head of a new cyber initiative to help political campaigns and local, state and federal election officials safeguard America's electoral process. Also, analyzing the evolving characteristics of the healthcare breach.
Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
About half of today's cyberattacks are malware-free and don't involve having to write any files to disk, says Dan Larson of Crowdstrike. These attacks get around conventional defenses, such as firewalls and antivirus programs, so they require new defenses, he says.
It's a red-faced moment for FireEye. The company says an investigation reveals that an attack against an analyst's personal online accounts was enabled by the employee's continued use of compromised login credentials.
Expert speakers at ISMG's Fraud & Breach Prevention Summit in Delhi will tackle such important subjects as assessing organizational breach preparedness, early detection via effective threat hunting, leveraging machine learning to protect data and the latest breach trends.