Apple's decision to withdraw iCloud end-to-end encryption in the United Kingdom has privacy and security advocates worried that the British government could scan and surveil sensitive information of Apple users worldwide. Apple on Friday deactivated its Advanced Data Protection feature in the U.K.
It's critical for healthcare providers that offer telehealth and remote patient monitoring services to incorporate these systems into their organizational risk programs, including how they plan to address issues such as patch management from afar, said attorney Betsy Hodge of the law firm Akerman.
A Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe.
Endpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro private.
Sophos laid off 6% of its staff just days after closing its $859 million acquisition of Secureworks. The job cuts will streamline duplicative roles following the Feb. 3 close of the Secureworks deal as well as reduce positions that are no longer needed since Secureworks delisted as a public company.
A hidden reverse backdoor in low-cost patient vital sign monitors used globally is hardcoded with an IP address connecting to a Chinese government-funded education and research network, which poses both privacy and potential safety concerns, said security researcher Jason Sinchak of ELTON.
Honeypots designed to track malicious internet activity have detected a surge in brute-force password login attempts against edge devices, and especially - but not exclusively - targeting equipment manufactured by Palo Alto Networks, Ivanti and SonicWall, said The Shadowserver Foundation.
Seraphic Security secured $29 million to scale its enterprise browser security solutions. With growing cyberthreats, CEO Ilan Yeshua highlights the need for AI-driven security, governance and compliance. The company plans to expand its North American presence and strengthen partnerships.
The accelerated adoption of eKYC solutions is exposing critical data to unprecedented risks, warns Kartik Lalan, a security researcher set to speak at Nullcon 2025. He identified vulnerabilities across industries, including finance, telecom, healthcare and small private agencies.
Symphony Technology Group tapped Vishal Rao to take over as CEO of Trellix while continuing to serve as chief executive of sister company Skyhigh Security. The San Jose, California-based security vendor tasked longtime Cloudera and Splunk leader Rao with accelerating Trellix's market share.
A new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in July 2024.
Cybersecurity research submissions for the Nullcon 2025 CFP Review Board reflect prominent trends and challenges in the field. Nullcon CFP Review Board members Anant Shrivastava and Neelu Tripathy noted a growing focus on AI, supply chain and applied security.
The Biden administration Tuesday launched a cybersecurity labeling program for IoT devices aimed to help consumers choose smart devices that offer enhanced protections against hacking. Eligible products include wireless IoT devices such as fitness trackers, smart appliances and garage door openers.
Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.
A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.