As investigations into the distributed denial-of-service attack on Singaporean ISP StarHub continue, experts believe that the scale of IoT infections - needed to launch attacks of such severity - and the circumstances perpetuating it are the bigger problems.
The Shadow Brokers - the group that released what are purported to be hacking tools tied to the NSA - returns with what it claims to be a list of exploit-staging servers used by the U.S. intelligence agency to stage its cyber-attack and surveillance operations.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.
The online advertising industry has a malware problem that, in part, has driven increased use of ad-blocking software. It's facing a complicated task: Clean up the security problems or face possible regulation.
Australia's largest-ever known data leak wasn't caused by hackers. Instead, a contractor mistakenly posted a database of blood donor information on a public website, showing how a simple mistake can have deep repercussions.
Proposed White House guidelines for modernizing federal agencies' IT - a critical step to enhance government cybersecurity - come as the Obama administration winds down. That means the next administration likely could be responsible for implementing the plan - or altering it.
On the heels of the massive DDoS attack that disrupted DNS services provided by Dyn, Singaporean ISP StarHub's DNS services were likewise targeted. The ISP has blamed customer-owned IoT devices for the attack, but it has not named the malware involved.
The malware-infected IoT army that disrupted domain name server provider Dyn was composed of, at most, 100,000 devices, the company estimates in an after-action report. But claims that the attacks peaked at 1.2 Tbps remain unconfirmed.
Chinese manufacturer Xiongmai will recall up to 10,000 webcams in the wake of the IoT-powered DDoS attacks that pummeled DNS provider Dyn. But information security experts say that only a more resilient internet will blunt future attacks.
IBM is blaming subcontractors for failing to block DDoS attacks that disrupted Australia's largest-ever online census in early August. But as the project's chief contractor, IBM is now in compensation negotiations with the government.
The proposed guidance from the National Highway Traffic Safety Administration focuses on hardening a vehicle's electronic architecture against cyberattacks and to ensure vehicle systems take appropriate actions even if an attack succeeds.
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
Massive DDoS attacks, targeting DNS provider Dyn, have triggered widespread internet disruptions. Security intelligence firm Flashpoint says the attacks have been perpetrated at least in part via a botnet of Mirai-infected internet of things devices.
Authorities say Yevgeniy Aleksandrovich Nikulin stole credentials from a LinkedIn employee and used them to breach the social networking firm in 2012, in which well over 100 million members' passwords were exposed.