Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S. businesses, institutions and the public - after a senator urged the government to update its publicly available information about the threat associated with Chinese-made safes.
The FDA's multifaceted approach to strengthening medical device security centers on several key areas, including enhanced regulatory oversight, industry collaboration and a recent organizational change that raises the profile of the agency's device work, said the FDA's Dr. Suzanne Schwartz.
Multiple vulnerabilities in a widely used open-source implementation of the UEFI specification allow attackers to introduce malware operating at the firmware level. The vulnerabilities mainly affect server machines in which a boot server delivers the operating system over the local network.
Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
All has not been quiet on the malicious cybersecurity front this year, thanks to constant cybercrime innovation, cyberattacks and cyberespionage, and malicious or inadvertent data breaches. Here are 12 notable incidents and trends of 2023 and their implications for the bigger cybersecurity picture.
Hackers could use a firmware specification designed to flash a corporate logo during computer bootup to deliver a malicious payload that circumvents the industry standard for only loading trusted operating systems. The flaw stems from graphic image parsers embedded into system firmware.
Tens of thousands of knockoff Android products manufactured in China including TV streaming boxes reached consumers infected with malware, say cybersecurity researchers. Human Security says it uncovered a related operation that earned millions per month in an online advertising fraud scheme.
Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new "refuse to accept" policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
IoT devices, industrial, railway, automobile, and aircraft controls, as well as healthcare devices all have 3 things in common. First, these devices run on software and that software must be secured from cyberthreats as it is being developed. Second, when operating in the field, it is necessary to provide ongoing...
Security researchers uncovered a vulnerability in AMD chips that could allow hackers to trick a computer system into leaking data from its kernel. They named the flaw after the 2010 movie "Inception," since both the hacking technique and the film's plot involve planting false ideas into memory.
China's cybersecurity agency on Sunday banned sales of U.S. chipmaker Micron's products following a cybersecurity review. The decision is the latest in an escalating series of national security-driven moves by Beijing and Washington, D.C., to restrict the market access of their trans-Pacific rival.
Sanitize IT gear before decommissioning is well-trod cybersecurity advice given to corporations everywhere and yet many persist in disposing of equipment still laden with sensitive data. Cybersecurity firm Eset says it found a wealth of corporate data on secondhand routers.
Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
The Italian cybersecurity agency says at least a dozen hacks against unpatched VMware ESXi servers in the country are likely tied to the BlackBasta ransomware group. Investigators say the ransomware campaign may have hit thousands of organizations worldwide since Thursday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.