news

FDA Seeks Collaboration on Medical Device Security

The U.S. Food and Drug Administration (FDA) on Tuesday put out a call for ideas and input on how best to secure medical devices and the healthcare system from cyber attack. In a federal notice, the FDA announced that it will hold an October workshop entitled “Collaborative Approaches for Medical Device and Healthcare Cybersecurity.” It also solicited input from stakeholders within the government and from the public health sector on medical device and healthcare cyber security. The workshop is scheduled for October 21 and 22 and will run from 9:00 AM to 5:00 PM at the National Intellectual Property Rights Coordination Center Auditorium in Arlington, Virginia. The Department of Health and Human Services (HHS) is looking for ideas about how best to implement aspects of both Executive Order 13636 for “Improving Critical Infrastructure” and follow-on guidance like the National Institute of Standards and Technology’s (NIST’s) “Framework for Improving […]

Online Authentication Group FIDO Alliance Grabs A Big Bone: Alibaba

The FIDO Alliance, an up-and-coming industry consortium aimed at simplifying online identity and doing away with passwords, added IPO darling Alibaba to its Board of Directors, according to a statement on Tuesday. The FIDO (or “Fast IDentity Online”) Alliance announced that Alibaba Group’s payments business, Alipay, will be among the first to deploy FIDO technology for secure payments authentication. On September 17, the company announced that it will use Nok Nok Labs’ FIDO-compliant NNL™ S3 Authentication Suite to enable secure online payments via the Fingerprint Sensor (FPS) technology on the Samsung Galaxy S5. Alipay customers will be able to make payments and transfers using Alipay’s mobile application, Alipay Wallet, by applying their fingerprint to the Galaxy’s fingerprint sensor. “We look forward to participating on the FIDO Alliance board, and assuring that commerce and authentication are uniquely cooperative and seamlessly compatible,” said Ni Liang, Alibaba group, senior director, department of security, in a statement. Mobile payments […]

You’re Invited: A Conversation on Password Security and Targeted Attacks

A note to Security Ledger readers that I’ll be facilitating a really interesting conversation this afternoon on password (in)security and how weak user authentication can undermine even the best laid security plans. The SANS Webinar, “Security for the People: End User Authentication Security on the Internet” kicks off at 3:00 PM Eastern today (12:00 PM Pacific). You can register to join us using this link. My guest is DUO Security researcher Mark Stanislav, a frequent Security Ledger contributor and one of the smartest guys out there when it comes to passwords, authentication and securing the Internet of Things. There’s plenty to talk about: weak authentication schemes are the root cause of any number of prominent breaches – from the recent attacks on the Apple iCloud accounts of A-list celebrities, to the breach at retailer Target (reportedly the result of a phishing attack on an HVAC contractor that Target used). Mark and I […]

Report: Home Depot Fallout Reveals History of Lax Security, Hiring

It’s a truism in cyber security that behind every great hack often lies a string of bad decisions and missed opportunities. It’s also true that when you dig into the details of damaging cyber incidents, the root causes are personal and psychological as often as they are technical in nature. Organizations – even sophisticated and wealthy organizations – end up making bad decisions for all the wrong reasons: failing to properly assess their risk, or pursuing short-term savings when long-term investment is needed. Home Depot learned via law enforcement that a breach of transaction data exposed as many as 52 million credit card transactions, the largest retail credit card breach to date. But as more comes out about the breach at home improvement giant Home Depot, it starts to look a lot more like the root causes there may have started in the HR department rather than the data center. The […]

Will Big Data Transform Fraud Detection? | SmartData Collective

The folks over at Smart Data Collective have an interesting story today on Big Data and its (expected) impact on a variety of industries and business practices. Fraud (and fraud detection), it turns out, may be one area that is transformed by better data analytics. According to the article, by Monte Zweben, fraud analytics are poised to be transformed not just by “Big Data,” but by better and faster analytics. The article looks at a variety of industries, including consumer marketing and logistics, that stand to benefit from the growth in data and data analytics. Fraud detection is one of them. Zweben cites statistics on the growth of fraud as a global problem. Kroll’s most recent Global Fraud Report found the number of companies falling victim to fraud has increased to 70 per cent. Credit card companies were among the first to embrace “Big Data” analytics to spot irregularities in patterns of charges […]