FTC Seeks Tools for Securing Home IoT Devices
The U.S. Federal Trade Commission (FTC) announced on Wednesday the launch of a contest that aims to find solutions for securing the Internet of Things (IoT) devices deployed in consumers’ homes. The IoT Home Inspector Challenge seeks a technical solution for addressing vulnerabilities in IoT devices. The FTC said the tool can be a physical…
Wi-Fi risks: Delivering a secure hotspot
The fact that Wi-Fi stands for Wireless Fidelity hints at how long Wi-Fi has been around, but it was only in 1999 that the Wi-Fi Alliance formed as a trade association to hold the Wi-Fi trademark, under which most products are sold. Today, Wi-Fi is on the top of the list of must-haves for businesses…
Exposed MongoDB installs being erased, held for ransom
Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped and being held for ransom. Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to…
More attacks, new technologies: Cybersecurity predictions for the year ahead
Every day, the cybersecurity landscape changes. Each new device connected to the network presents a new target for attackers that needs to be secured, and each new social media post creates new risks for phishing attacks or social engineering. As a result, the industry is evolving to meet these changes. Over the past few years,…
Data breaches through wearables put target squarely on IoT in 2017
Forrester predicts that more than 500,000 internet of things (IoT) devices will suffer a compromise in 2017, dwarfing Heartbleed. Drop the mic — enough said. With the sheer velocity of how the distributed denial-of-service (DDoS) attacks spread through common household items such as DVR players, makes this sector scary from a security standpoint.
HIPAA Settlements of 2016: Lessons Learned
Over the course of 2016, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reached many resolution agreements with a number of covered entities and business associates for violation of the Health Insurance Portability and Accountability Act (HIPAA). These HIPAA settlements are mutually agreed-upon resolutions between HHS and the offending…
Attacks Targeting Industrial Control Systems (ICS) Up 110 Percent
Since IBM X-Force published its report, “Security Attacks on Industrial Control Systems,” last year, we have observed a startling increase in the number of attacks against these systems. According to IBM Managed Security Services (MSS) data, attacks targeting industrial control systems (ICS) increased over 110 percent in 2016 over last year’s numbers, as of Nov….
Health Care Security in 2016: End-of-Year Checkup on Security Trends
As IBM X-Force Security Research predicted six months ago, a shift in cybercriminals’ focus from the retail industry led to increased risk in the health care sector in the second half of 2016. Unfortunately, empirical data confirmed just how dramatic these trends have been on a year-over-year basis. Let’s review the state of health care…
US collects social media handles from select visitors
Visitors to the U.S. under a visa waiver program are being asked by the Department of Homeland Security for information on their social media accounts, a plan that had drawn criticism from civil rights groups for its potential encroachment on privacy. The U.S. Customs and Border Protection unit of the DHS asked for written comments…
Secure By Design: Antidote for Dynamic Cyberthreats
There was an interesting twist to the recent distributed denial-of-service (DDoS) attack against domain name provider Dyn that plunged huge areas of North America and Europe into internet darkness. The perpetrators didn’t directly attack the servers of their ultimate target. Instead, they compromised 100,000 small, interconnected devices with weak default passwords, building an enormous botnet…