The U.S. federal government is telling the automotive industry to stop buying Chinese manufactured hardware and software powering onboard telematics and automated driving systems, warning that the potential for nation-state hacking and espionage poses a national security risk.
Apple patched a vulnerability that allows hackers to bypass a key security feature in macOS by through third-party kernel extensions. Microsoft researchers uncovered the flaw tracked as CVE-2024-44243. The flaw could enable hackers to install rootkits and create malware with privileged access.
Six months after a ransomware attack temporarily crippled its blood donation and distribution activities, Florida-based nonprofit OneBlood is reporting a data breach to regulators that affected donors' personal information. Why is the incident reawakening healthcare supply chain concerns?
Many organizations are looking to artificial intelligence agents to autonomously perform tasks that surpass traditional automation. Tech firms are rolling out agentic AI tools that can handle customer-facing interactions, IT operations and a variety of other processes without human intervention, but experts are...
Many important efforts by the Cybersecurity Infrastructure and Security Agency to help the healthcare sector and other critical infrastructure sectors bolster their cybersecurity are likely to continue under the incoming Trump administration, predicted CISA Deputy Director Nitin Natarajan.
By acquiring Cado Security, Darktrace strengthens its ability to secure multi-cloud environments. The transaction brings together Cado's forensic capabilities with Darktrace's AI analytics to deliver comprehensive threat detection and response to organizations in regulated industries.
With its acquisition of ActZero, WatchGuard gains advanced machine learning capabilities and expertise to improve its MDR service. ActZero's mature processes and open platform enable seamless integration of WatchGuard products as well as third-party tools like Microsoft Defender.
VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them, to flush any malware attackers may have installed.
From application security to zero trust, it's been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency's accomplishments and the threats that await the next administration's cyber leaders.
Cymulate's acquisition of CYNC Secure enhances its ability to bridge vulnerability identification and resolution. The deal integrates CYNC's offensive capabilities, creating a next-gen exposure prioritization platform to tackle vulnerabilities effectively and address unmet market demands.
Hackers are deploying an updated strain of EagerBee malware to target internet service providers and government organizations in the Middle East, warn security researchers. EagerBee operates in memory and comes with advanced stealth and security evasion capabilities.
To combat the rise in software supply chain attacks, Veracode has acquired Denver-area startup Phylum and its advanced tools to detect malicious open-source packages. The acquisition strengthens Veracode's software composition analysis offering and enables faster, more reliable threat mitigation.
Taiwanese industrial computing firm Moxa Technologies is warning customers about two high-severity vulnerabilities affecting its routers and network appliances, posing significant security risks to operational technology environments.
The addition of Trelica allows 1Password to accelerate its extended access management roadmap by 18 months. The acquisition emphasizes simplicity for end users while unifying SaaS visibility, device management and identity security under a single solution.
Security experts are urging all organizations that use Microsoft Windows to ensure they install patches, released last month, to fix Lightweight Directory Access Protocol denial-of-service and remote code execution flaws. Researchers have released a proof-of-concept exploit for the latter flaw.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
