Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
A new standard from the PCI Data Security Standards Council could help ease the way for smaller merchants worldwide, especially in developing nations, to move to cashless payments using a variety of devices, says Troy Leach, CTO for the council, who spoke last week at a conference in South Africa.
Al Pascual of Javelin Strategy and Research discusses a new report that shows that while crypto wallets may be considered to be at the sharp end of payments innovation, the security vulnerabilities they face are much the same as those that already exist in digital banking and payments.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
The FBI has arrested the CEO of the Canadian smartphone service Phantom Secure on charges that he and four other suspects ran an encrypted telecommunications service used by more than 20,000 customers to facilitate illegal activities, including international shipments of cocaine and other drugs.
Leading the latest edition of the ISMG Security Report: The Trump administration sanctions Russian organizations and individuals over U.S. election interference, the NotPetya campaign and energy sector hacks. Also featured: A deep dive into the use of so-called active defense.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
President Donald Trump has blocked a bid by Singapore's Broadcom to acquire U.S. chipmaker Qualcomm on the grounds that it could impact national security, including the United States' ability to help shape future mobile telephony standards.
To the surprise of many, $120 million allocated by Congress since late 2016 to help the State Department combat foreign governments' U.S.-focused propaganda and disinformation campaigns hasn't been spent. Meanwhile, midterm U.S. elections are fast approaching.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Kaspersky Lab says it has uncovered an elegantly written piece of malware that leverages a Latvian-designed router to launch stealthy attacks. The security firm hints that the malicious code could only have come from a well-resourced attacker, but it stops short of naming one.
A zero-day flaw in Adobe Flash, recently patched, has been targeted by a group of attackers that may have ties to North Korea as part of an apparent attempt to hack into Turkish banks, security firm McAfee warns. It notes that there are signs that financial institutions in other countries are also being targeted.
As more data moves to the cloud, and cyberattacks multiply, organizations need to adopt an alternate paradigm of security, says Nikhil V. Bagalkotkar, a virtualization specialist at Citrix, who describes a new approach.