An apparently new hacking group has connections to a number of name-brand ransomware-as-a-service groups including Conti spinoffs and possibly Clop, making it a notably versatile addition to the criminal underground. Group-IB researchers dubbed the group ShadowSyndicate.
The FDA has issued final guidance on how medical device makers should approach cybersecurity in their products to meet new requirements for including cyber details in their premarket product submissions. Starting Oct. 1, the FDA will "refuse to accept" submissions lacking those details.
A Chinese hacking group linked to state authorities has upgraded its capabilities to target companies with headquarters in the United States and East Asia, warns an alert from Japanese and American cyber agencies. The group, BlackTech, has a customized firmware backdoor tailored for Cisco routers.
It's not just medical device cybersecurity that's keeping some healthcare security leaders up at night - it's also the risks posed by other critical connected gear that patients and clinicians depend upon, said Ali Youssef, director of medical device and emerging tech security at Henry Ford Health System.
A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.
Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors. Sony is saying little other than, "We are currently investigating the situation, and we have no further comment at this time."
CISA Director Jen Easterly urged citizens to boost their defenses by choosing strong passwords, opting for multifactor authentication, reporting phishing and enabling automatic software updates. Easterly said users should choose passwords that are complex and unique to each sensitive account.
The United States and South Korea reaffirmed a commitment to mitigate the risks in technologies including AI, 5G networks and cloud computing, while developing an "inclusive approach" to govern their use. The two countries said governance must support the development of trustworthy AI.
Android banking Trojan Xenomorph has resurfaced in a new campaign targeting cryptocurrency wallets and various financial institutions. The malware has been actively targeting users in Europe and is now focused on institutions in the United States, Canada, Spain, Italy, Portugal and Belgium.
Microsoft updated Windows 11 on Tuesday to simplify passwordless adoption, protect against malicious code and have the ability to refresh configuration in the event of tampering. Updates to Windows 11 allow users to replace passwords with passkeys to stop hackers from exploiting stolen passwords.
Ukrainian cyber defenders are girding for an onslaught of cyberattacks against the energy sector as cold weather returns. That warning comes as Kyiv has observed Russian state hackers also stepping up attacks against law enforcement in a likely bid to spy on the gathering of evidence of war crimes.
The British government's first-ever global summit on artificial intelligence will focus on mitigating cybersecurity and safety risks tied to the emerging technology. The AI Safety Summit planned for Nov. 1-2 will focus on mitigating risks tied to frontier AI.
Three suspected Chinese espionage actors aimed a series of cyberattacks against an unnamed Southeast Asian country's critical infrastructure, healthcare and government organizations. Researchers attributed the hacks to APT group Mustang Panda, known for espionage attacks on foreign governments.
A U.S. federal government shutdown would have "immeasurable" damaging effects on the federal government's ability to fight cyberthreats, a top official said Tuesday amid forewarnings that the country should start preparing now for potential cyber interference in the 2024 presidential election.
Information Security Media Group recently concluded its Cybersecurity Summit: London, which brought together industry leaders for a day of informative sessions covering a diverse range of critical cybersecurity topics, including CISOs' vulnerability to liability, ransomware threats and burnout.