The source of the bug, which has affected at least 500,000 sites and millions of users, was a small programming error made by a PhD student, who has spoken of his regret at the incident.
A new technique for spotting cyber attacks has been designed by a young American student – and could prevent attacks against planes and power plants, by looking for abnormal communications within computers, rather than sifting for malicious software.
Could holes in security code and major information systems in America be due, at least in part, to the dire state of education in subjects like Science, Technology, Engineering, and Mathematics (STEM)?
The U.S. government has released the NIST Framework for Improving Critical Infrastructure Cybersecurity, a set of voluntary standards designed to help companies in industries critical to the nation to defend against cyber threats. ESET experts comment.
Weak passwords and rarely updated software are a recurring theme behind the 48,000 cyber incidents reported to the Department of Homeland Security – including the theft of data on the nation’s weakest dams by a “malicious intruder”, a DHS report has found.
A secret technology which relied on radio transmissions has allowed the National Security Agency to spy on computers disconnected from the internet – a security measure known as an ‘air gap’, and commonly used to protect machines containing highly sensitive data.
Major international cyber attacks follow a pattern – and attacks such as Stuxnet, which targeted Iran’s nuclear plant can be predicted by a mathematical model, University of Michigan researchers have claimed.
Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?
Governments around the world are recruiting “cyber warriors” to fight against the growing threat of both cybercrime and state-sponsored attacks – but there aren’t enough experts to go round.
A new cyber defense force is being set up in the UK to protect critical private and government computer networks from attack – “if necessary, to strike in cyberspace,” Britain’s Defense Secretary Philip Hammond has said.
New hi-tech cyber attacks could threaten energy supplies, “wearable” computers – and even medical implants, according to a study conducted by Europol’s European Cybercrime Centre (EC3) and the International Cyber Security Protection Alliance (ICSPA).
A hi-tech spoofing attack took “remote control” of a 213-foot yacht – steering it off course, without anyone touching the steering wheel.
NASA is no stranger to peering into nebulae in space – but the space agency found itself perplexed by the more Earthbound puzzle of cloud computing security, according to a report by the Office of the Inspector General.
What needs to happen before the President of the United States can stand before the American people and assure them that a comprehensive and good faith effort has been made to stop cyber attacks disrupting the delivery of essential goods and services? The NIST workshops are seeking answers to that question.
Browser security warnings can work to protect users from phishing and malware sites – but “warning fatigue” means important alerts over site security can be conmpletely ignored.
A new biometrics system could “read” blood vessels under the skin using thermal imaging cameras – a system which its inventors claim would be “almost impossible to spoof.”
A Kremlin security agency has ordered $15,000 of electric typewriters – sparking international gossip about a return to “old school” security measures.
Governments around the world are recruiting “cyber-mercenaries” – groups of skilled cyber professionals who target institutions such as banks and energy companies, British politicians have warned.
A U.S. Government department threw away IT components including printers, computer mice and keyboards in an effort to root out a “sophisticated” and “persistent” malware threat – which did not exist.
Cybercriminals have targeted U.S. energy companies with a wave of brute force cyber attacks, according to the Industrial Control Systems Emergency Response Team (ICS-CERT).