The Biden administration Tuesday launched a cybersecurity labeling program for IoT devices aimed to help consumers choose smart devices that offer enhanced protections against hacking. Eligible products include wireless IoT devices such as fitness trackers, smart appliances and garage door openers.
Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.
A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.
Hackers are exploiting the split-second delay between two mouse clicks to carry out sophisticated clickjacking attacks, tricking victims into authorizing transactions or granting access they never intended. "DoubleClickjacking" manipulates users into granting OAuth and API permissions.
Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a data-loss tool built by cybersecurity startup Cyberhaven, which said attackers appeared to be targeting Facebook Ads accounts.
Proofpoint is advancing its platform to unify data security capabilities. CEO Sumit Dhawan details its October acquisition of Normalyze in addressing multi-cloud, insider threats and AI-driven challenges through data security posture management.
U.S. authorities have launched multiple investigations while reportedly considering banning the widely popular Chinese-manufactured TP-Link routers amid ongoing security risks linked to Chinese cyberespionage and hacking campaigns targeting American critical infrastructure sectors.
The security of medical devices has been getting most of the attention from regulators in recent years, but other devices that make up the medical internet of things and operational technology systems are also vulnerable to cyberattacks, federal authorities warned in a new advisory.
An accurate and real-time Configuration Management Database (CMDB) is essential for effective IT operations,
serving as the foundation for incident management, change management, and asset tracking. Organizations often
struggle with maintaining reliability due to outdated, incomplete, or inaccurate...
Hackers are deploying brute force attacks and using unpatched vulnerabilities to target Chinese-manufactured web cameras and DVRs, the FBI is warning. Targets include a range of organizations in Taiwan and at least one U.S. government server.
Arctic Wolf is acquiring Cylance from BlackBerry for $160 million to integrate its AI-driven EDR technology into a hybrid XDR tool. The move aims to streamline cybersecurity for midmarket companies by combining services with product offerings, cutting operational complexity and boosting scalability.
The German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture frames and media players made with knockoff Android operating systems shipped from China. The agency identified at least 30,000 infected devices.
Remote work has created blind spots in sensitive data management across devices and locations. Data-centric encryption with granular controls helps regulated firms maintain visibility and control without hampering productivity, said Ronald Arden, executive vice president, CTO and COO at Fasoo.
Predictive AI solutions can now anticipate maintenance needs before issues arise, enabling fleet operators to schedule timely repairs and prevent disruptions, said Sarvant Singh, vice president, data and emerging digital solutions at Penske Transportation Solutions.
Citrix enhances its security for hybrid work by acquiring deviceTRUST and Strong Network. Purchasing these European startups boosts protection for VDI, DaaS and cloud development, empowering organizations to enforce zero trust principles and reduce risks across their hybrid environments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
