Chinese state-backed cyber spies developed a Linux variant of a Windows backdoor to target a Hong Kong university after Beijing squashed pro-democracy protests in the city. The threat group, called SparklingGoblin, deployed the custom-built implant in February 2021, Eset researchers say.
Software point of sale or SoftPOS is a groundbreaking technology that allows businesses to accept card payments directly on their devices without requiring any additional software. As this payment method gains widespread adoption, what does it mean for the security of our payments systems?
Silicon Valley-based startup Fortanix is looking to capitalize on the growing demand for security and encryption across on-premises data centers and major cloud providers through a recently completed $90 million Series C round of funding led by Goldman Sachs' equity arm.
The specter of Chinese data collection on U.S. citizens hung over Capitol Hill in a pair of hearings as lawmakers asked whether an open internet can survive challenges such as Beijing hacking and TikTok. An executive for the short-form video app made a rare appearance before a Senate committee.
Microsoft issued a patch for an actively exploited zero-day flaw in its latest Patch Tuesday security patch dump. The flaw allows hackers to elevate their system privileges. The update includes 63 other patches, including one other zero-day and three other critical vulnerabilities.
The FBI is the latest federal agency warning healthcare sector entities of cyberattack threats to medical devices, especially unpatched and outdated products, recommending that organizations take steps to identify vulnerabilities and "actively secure" the gear.
A White House agency today told U.S. federal government IT vendors they must attest to using secure software development techniques. Self-attestation "is a bit of a compliance activity, but it's a pretty light compliance activity," says former federal CISO Grant Schneider.
The U.S. government accused Iran of turning a blind eye to ransomware hackers after indicting three men affiliated with the Islamic Revolutionary Guard Corps. Authorities say their attacks affected critical infrastructure including healthcare centers, transportation services and utility providers.
Enterprises need to securely enable hybrid working to attract and retain talent, says Naveen Palavalli, vice president of product strategy at Netskope. He explains how this will require network and cloud transformation as well as transformation around how data is accessed and shared.
Apple issued a patch for a zero-day vulnerability likely exploited in the wild that allows a malicious iPhone app to execute arbitrary code with kernel-level privileges, marking the second smartphone kernel code execution bug fixed by the company in as many months.
Ransomware-wielding criminals feel the need for speed as they seek to take down victims more quickly and quietly. Cue the use of intermittent, or partial, encryption to speed up attacks. It scrambles files partially but enough to make them unusable.
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Japanese conglomerate Hitachi has sold its small identity-as-a-service practice to Canadian software specialist Volaris Group to drive better execution around core products. The firm found it was easy to get lost within Hitachi given the conglomerate's size and focus on electronics and engineering.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.