Faced with this onslaught of smart, connected medical equipment, many healthcare providers are looking for device cybersecurity strategies and ways to help make these products more secure. Experts say it requires ongoing commitment to device security - something many providers haven't yet done.
Researchers are warning Microsoft Windows as well as many Linux distribution users to install updates that revoke permissions for a vulnerable driver that attackers can use to target most systems, allowing them to bypass UEFI Secure Boot and install a bootkit to take full control of a system.
Cybersecurity research submissions for the Nullcon 2025 CFP Review Board reflect prominent trends and challenges in the field. Nullcon CFP Review Board members Anant Shrivastava and Neelu Tripathy noted a growing focus on AI, supply chain and applied security.
The Biden administration Tuesday launched a cybersecurity labeling program for IoT devices aimed to help consumers choose smart devices that offer enhanced protections against hacking. Eligible products include wireless IoT devices such as fitness trackers, smart appliances and garage door openers.
Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.
A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.
Hackers are exploiting the split-second delay between two mouse clicks to carry out sophisticated clickjacking attacks, tricking victims into authorizing transactions or granting access they never intended. "DoubleClickjacking" manipulates users into granting OAuth and API permissions.
Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a data-loss tool built by cybersecurity startup Cyberhaven, which said attackers appeared to be targeting Facebook Ads accounts.
Proofpoint is advancing its platform to unify data security capabilities. CEO Sumit Dhawan details its October acquisition of Normalyze in addressing multi-cloud, insider threats and AI-driven challenges through data security posture management.
U.S. authorities have launched multiple investigations while reportedly considering banning the widely popular Chinese-manufactured TP-Link routers amid ongoing security risks linked to Chinese cyberespionage and hacking campaigns targeting American critical infrastructure sectors.
The security of medical devices has been getting most of the attention from regulators in recent years, but other devices that make up the medical internet of things and operational technology systems are also vulnerable to cyberattacks, federal authorities warned in a new advisory.
An accurate and real-time Configuration Management Database (CMDB) is essential for effective IT operations,
serving as the foundation for incident management, change management, and asset tracking. Organizations often
struggle with maintaining reliability due to outdated, incomplete, or inaccurate...
Hackers are deploying brute force attacks and using unpatched vulnerabilities to target Chinese-manufactured web cameras and DVRs, the FBI is warning. Targets include a range of organizations in Taiwan and at least one U.S. government server.
Arctic Wolf is acquiring Cylance from BlackBerry for $160 million to integrate its AI-driven EDR technology into a hybrid XDR tool. The move aims to streamline cybersecurity for midmarket companies by combining services with product offerings, cutting operational complexity and boosting scalability.
The German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture frames and media players made with knockoff Android operating systems shipped from China. The agency identified at least 30,000 infected devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
