The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek the Senior Vice President of Products at DigiCert in this thought leadership article.
A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.
Researchers from the firm Regulus Cyber say that they demonstrated a type of GPS spoofing attack that caused vehicles by Tesla to veer off the road. The impact could be much broader than just Tesla, however.
U.S. providers should be “on alert” for an increase in payments fraud experts warn. The European Union’s (EU’s) new Payment Services Directive (PSD2) raises the bar for security and may cause cybercriminals to focus on targets in this country.
LinkedIn Wednesday blamed an issue with its job ingestion tool–not Russian hackers or an online scam–as the reason the business social network was erroneously posting jobs located in Russia for a number of U.S.-based companies.