Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices. The group used spam messages to convince users download a malicious WeChat application.
Medical device makers in their premarket submissions to the Food and Drug Administration under the agency's new "refuse to accept" policy for cybersecurity should pay close attention to details such as a product's software bill of materials and vulnerability management, said Jessica Wilkerson of FDA.
The FDA has issued final guidance on how medical device makers should approach cybersecurity in their products to meet new requirements for including cyber details in their premarket product submissions. Starting Oct. 1, the FDA will "refuse to accept" submissions lacking those details.
A data security startup led by a Microsoft and Google veteran and backed by Samsung and CrowdStrike could soon be acquired by Palo Alto Networks. The company is in advanced talks to buy data security posture management startup Dig Security for between $300 million and $400 million.
Organizations have relied on disjointed technologies and tools that focus on individual security layers for too long. To stay ahead of threat actors, it is time to change the way we approach security.
This paradigm shift requires us to embrace the next era of cybersecurity that combines human intelligence with AI...
Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.
A late-stage SASE startup led by a serial entrepreneur hauled in a massive equity investment to address the feature and capability needs of large enterprises. The $238 million in funding will allow Cato Networks to more tightly align CASB and DLP with SASE to safeguard cloud apps and sensitive data.
Last year's winner of RSA Conference's prestigious Innovation Sandbox contest could soon be acquired by Palo Alto Networks, according to Calcalist. The platform security behemoth is in advanced negotiations to purchase enterprise browser startup Talon Cyber Security for $600 million, Calcalist said.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
Casino and hotel giant Caesars Entertainment is warning customers that their personal details were stolen in a recent hack attack. After successfully shaking down Caesars for a ransom, the same attackers are continuing to extort MGM Resorts, claiming to have crypto-locked its EXSi hypervisors.
Gartner positioned Dynatrace highest in Ability to Execute and furthest for Completeness of Vision in the 2023 Magic Quadrant for Application Performance Monitoring and Observability.
Observability and security are essential components of successful transformation strategies.
But innovating, operating...
In Norse mythology, Loki is a cowardly trickster god who can change age, shape and sex. The malware incarnation is more prosaic, tending to focus on stealing Microsoft users' data, at times by using an ancient vulnerability in Microsoft Office that continues to be widespread.
Hotel and casino giant Caesars Entertainment paid approximately half of an initial $30 million ransom demand to attackers who infected its systems with ransomware, according to news reports. The attackers appear to be with the same group that hit MGM Resorts.
Google released a fix on Monday for a Chrome zero-day that allows an attacker to remotely target a vulnerable version of the browser. The bug is tracked as a heap buffer overflow in the WebP image format, which is specifically designed to optimize web images.
Apple released patches Thursday to close a zero-click exploit makers of the Pegasus advanced spyware app used to infect at least one iPhone carried by an individual employed at a Washington, D.C.-based civil society organization. The lab calls the exploit "BlastPass."