Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new refuse to accept policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
IoT devices, industrial, railway, automobile, and aircraft controls, as well as healthcare devices all have 3 things in common. First, these devices run on software and that software must be secured from cyberthreats as it is being developed. Second, when operating in the field, it is necessary to provide ongoing...
Security researchers uncovered a vulnerability in AMD chips that could allow hackers to trick a computer system into leaking data from its kernel. They named the flaw after the 2010 movie "Inception," since both the hacking technique and the film's plot involve planting false ideas into memory.
China's cybersecurity agency on Sunday banned sales of U.S. chipmaker Micron's products following a cybersecurity review. The decision is the latest in an escalating series of national security-driven moves by Beijing and Washington, D.C., to restrict the market access of their trans-Pacific rival.
Sanitize IT gear before decommissioning is well-trod cybersecurity advice given to corporations everywhere and yet many persist in disposing of equipment still laden with sensitive data. Cybersecurity firm Eset says it found a wealth of corporate data on secondhand routers.
Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
The Italian cybersecurity agency says at least a dozen hacks against unpatched VMware ESXi servers in the country are likely tied to the BlackBasta ransomware group. Investigators say the ransomware campaign may have hit thousands of organizations worldwide since Thursday.
Acer fixed high-severity bugs that hackers could use to disable the secure boot in several laptops built by the Taiwanese manufacturer. The vulnerability could give threat actors control over operating system boot processes and allow them to disable some protection mechanisms.
Ten state attorneys general are urging Apple to address privacy and security gaps in third-party applications available on the App Store that track, collect or store reproductive health data. The letter comes as scrutiny intensifies over how large tech firms handle sensitive health data.
Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product Security Chief James DeLuccia.
The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.
Security researchers identified a rootkit active as recently as 2020 that's made to burrow deep into computers when firmware initiates the operating system. Infected motherboards examined by Kaspersky all ran on Intel's H81 chipset. The malware comes from an unknown Chinese-speaking threat actor.
If Russia uses hack attacks to support its invasion, would Western governments want to immediately attribute those attacks or disruptions? Enter a Thursday alert from the U.S. government warning that it is "aware of possible threats to U.S. and international satellite communication networks."
Chipmaker Nvidia has reportedly suffered a massive outage after an alleged security incident impacting the company's developer tools and email systems. The Lapsus$ ransomware group is claiming credit for the firm.