Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.
Microsoft announced in December that support for Windows 10 will end when the OS reaches end of life in October 2025, yet enterprise adoption of Windows 11 is moving slowly. Enterprise leaders believe migrating to the new OS will lead to compatibility issues and increase costs to upgrade devices.
Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a command injection vulnerability present in its custom operating system after security researchers spotted a campaign to exploit the zero-day starting in March, likely from a state-backed threat actor.
Zscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context. Acquiring Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices.
This week, Sisense supply chain attack, a likely Romanian botnet, Patch Tuesday, an Apple spyware warning and AT&T notifies customers of breach. Alcohol counselor Monument shared data with Meta, a breach of Home Depot employee data, a breach at Targus and a threat actor targeted Moroccan activists.
Cyera completed a $300 million funding round led by Coatue to fortify data security and facilitate safer AI adoption across enterprises. By consolidating data protection measures, Cyera hopes to address the critical need for a unified data security platform in the era of generative AI.
Network-attached storage manufacturer D-Link says owners of devices vulnerable to remote takeover exploits should suck it up and buy a replacement. Internet scans have tallied the number of affected NAS devices - a handful of servers released on average a decade ago - at more than 92,000.
Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.
Foundations housing seven large open-source projects are banding together ahead of what they say is a nearly impossible 2027 deadline created by Europe's Cyber Resilience Act - the world's first digital supply chain regulation. European Union lawmakers approved the act in March.
In the latest weekly update, ISMG editors discussed key insights on OT security from the Cyber Security for Critical Assets Summit in Houston, the implications of a critical Linux utility found to have a backdoor, and a CISO's perspective on comprehensive cloud security strategy.
Google addressed two zero-day vulnerabilities in Pixel mobile phones that forensic firms exploited to bypass PINs and access stored data on the device. The bugs allowed attackers to unlock and access Pixel's device memory with physical access.
The Energy Department is hoping to catalyze next-generation solutions to cybersecurity vulnerabilities in the energy sector by funding the creation of university-based cyber energy centers nationwide that will bring together private sector partners and the future of U.S. cyber talent.
IT and OT security experts say threats to shipping underscore the need for more stringent regulations for passenger, cargo and high-speed vessels by the International Association of Classification Societies. The new IACS cybersecurity and resilience requirements will go into effect July 1.
The surge in cloud services and cross-border data storage presents challenges for global law enforcement.
Service providers face complexities in handling government data requests, given the entrusted user data. Differences in global data protection standards, add intricacies to legal frameworks. These disputes...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
