Security experts are urging organizations to patch a newly revealed serious flaw in Microsoft SharePoint as quickly as possible because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Center warns that hackers frequently target fresh SharePoint flaws.
Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products. The program is voluntary, but Singapore eventually intends to make it mandatory.
The Xplora 4 kids smartwatch was shipped with a backdoor that could be activated remotely by an encrypted SMS to take secret screenshots. The manufacturer says the code was mistakenly left in the firmware, and it has issued a patch to remove it.
Stop me if you think that you've heard this one before: The U.S., U.K. and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption.
Two types of autopilot systems can be tricked into reacting after seeing split-second images, according to new research into autonomous vehicles. Although this could pose a risk, deep-learning software could keep the systems from being tricked.
CISA is warning that sophisticated hacking groups are chaining together vulnerabilities, such as the recent Zerologon bug and other flaws, to target state and local government networks. In some cases, attackers gained access to election support systems.
Steve Jobs once said: "Marketing is about values." But how well is the cybersecurity solutions message being received amid the convergence of pandemic and economic strains? We brought an outspoken group of CMOs and CISOs together to discuss the topic.
The latest edition of the ISMG Security Report analyzes why clothing retailer H&M was hit with a hefty fine for violating the EU's General Data Protection Rule. Also featured: The coming of age of digital identities; deputy CSO at Mastercard on top priorities for 2021.
Microsoft's IoT platform, Azure Sphere, which launched in February, is the company's bet to address the growing security and management problems around connected devices. A three-month bug bounty program for the platform resulted in resolving a number of vulnerabilities and awarding $374,000 in bounties.
Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
Eight months after Microsoft issued a critical security update fixing a remote code execution flaw in Exchange Server, more than half of these mail servers in use remain vulnerable to exploits, according to the security firm Rapid7.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
A federal judge Sunday granted TikTok's request for a temporary injunction to block the Trump administration's order that would have banned the Chinese social media app from the U.S. The order came hours before the ban was scheduled to go into effect.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.
