A Canadian effort fueled by a surge of car thefts to ban pen-testing devices such as the Flipper Zero that grab wireless signals has provoked a backlash among security researchers and advocates, who accused Ottawa of seeking a scapegoat for bad auto industry security practices.
Generative AI is both the villain in the tale of job displacement and the hero ushering in a new era of enhanced job roles and opportunities. Steve King of CyberEd.io discusses how gen AI will make your career an uncertain journey that demands lifelong learning, skepticism, humor and adaptability.
Venture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.
Breathless reports claim 3 million IoT toothbrushes have been remotely compromised and used to target unsuspecting businesses via distributed denial-of-service attacks. Just one problem: This story has more holes in it than the teeth of kid with a 10-pack-a-day Gummy Bear habit.
The United States ramped up pressure on the commercial surveillance industry shortly before the United Kingdom and France convened a two-day meeting dubbed the Pall Mall Process intended to culminate in an international agreement limiting the proliferation of advanced spyware.
The number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom - a notable shift from what ransomware watchers saw in recent years.
The FBI announcing that it has forcibly removed "KV Botnet" Chinese nation-state malware from "hundreds" of poorly secured SOHO routers across America highlights the risk posed by the growing volume of outdated IoT devices. The FBI's fix is temporary, and we need a more permanent solution.
Multiple vulnerabilities in a widely used open-source implementation of the UEFI specification allow attackers to introduce malware operating at the firmware level. The vulnerabilities mainly affect server machines in which a boot server delivers the operating system over the local network.
In the latest weekly update, Troy Leach, CSO at Cloud Security Alliance, joins three editors at ISMG to discuss important cybersecurity issues, including how generative AI is enhancing multi-cloud security, AI's influence on authentication processes, and the state of zero trust and IoT security.
As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own. Offensive security is proactive; it mimics the strategies of real attackers to stay ahead of potential threats.
Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russian hacktivist group "as a means of gaining media attention for their cause."
Thermostats sold across the globe by German multinational engineering company Bosch contained a flaw allowing hackers to cut power to the heating system and override the firmware, warn researchers from cybersecurity firm Bitdefender. Bosch pushed an over-the-air update in October.
A new cryptomining campaign uses a quirkily customized Mirai botnet to spread cryptomining malware designed to hide the digital wallet that collects the ill-gotten gains. Security researchers at Akamai dubbed the Mirai variation NoaBot when it first appeared in early 2023.
Researchers found a path traversal vulnerability in Kyocera's Device Manager product, which is used for overseeing large printer fleets in mid- to large-sized enterprises. Attackers could exploit the flaw to obtain NTLM hashes by changing the location of a backup database.
Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers. The SQL injection vulnerability tracked as CVE-2023-39336 is in all supported versions of Ivanti Endpoint Manager.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.