Cybersecurity researchers have discovered the first-ever UEFI bootkit designed to target Linux systems and subvert their boot process for malicious purposes. The "Bootkitty" malware, first uploaded to VirusTotal this month, appears to be more "proof of concept" than full-fledged threat, they said.
An apparent Russian script kiddie is converting widespread security gaps into powerful botnets capable of launching global-scale distributed denial-of-service attacks. A threat actor with the online moniker "Matrix" is exploiting IoT vulnerabilities such as default credentials and outdated software.
Cybersecurity once conjured images of IT departments, server rooms and corporate firewalls. Today, it extends far beyond these traditional domains, becoming essential in fields like manufacturing, agriculture, healthcare, transportation, robotics and space exploration.
Halcyon has raised $100 million in Series C funding, reaching a $1 billion valuation. The company plans to enhance its cutting-edge ransomware solutions by taking on data exfiltration, deepen ties with Dell and Cisco, and expand its market presence into Japan with a partner-driven approach.
The Taiwanese NAS maker QNAP Systems on Saturday patched multiple flaws in its operating system and applications that could allow attackers to compromise network storage devices. The patch also included multiple flaws in QNAP's router operating system QuRouter OS.
A Russian cyberespionage group hacked a Washington, D.C.-based organization focused on Ukraine by deploying a new attack technique that exploits Wi-Fi connectivity, according to new research. The "nearest neighbor attack methodology could lead to a significant broadening of targeting and attacks.
The U.S. National Institute of Standards and Technology plans to revise its Internet of Things cybersecurity framework to address evolving risks posed by emerging technologies and use cases, such as AI and immersive tech. The proposed updates will broaden the focus to entire product ecosystems.
Cyera secures $300M in funding from Accel and Sapphire Ventures, doubling its valuation to $3 billion. The company is enhancing its data security platform by integrating DSPM with DLP and identity security capabilities, addressing enterprise demand for comprehensive solutions.
A threat actor with suspected ties to Russian nation-state hackers has listed thousands of IoT devices as proxy networks within minutes of their initial compromise. A campaign that began in 2020 has so far infected 20,000 IoT devices, according to a new report by Trend Micro.
Security flaws in a cloud platform for remotely configuring and monitoring Internet of Things gadgets could expose millions of devices to remote code execution hacks. Security researchers at Claroty's Team82 uncovered 10 vulnerabilities in the widely used OvrC cloud platform.
Android Spynote malware is masquerading as antivirus software to exploit Android processes to infiltrate devices, seize control and steal sensitive information from unsuspecting users. A report from Cyfirma shows the malware disguising itself as "Avast Mobile Security" in a recent campaign.
Two British government agencies and computing giant Google joined the CHERI Alliance, a group dedicated to promoting a hardware architecture that prevents buffer overflows and heap use-after-free vulnerabilities. Adoption of the architecture is miniscule.
Dennis Giese, a security researcher and engineer, built his first computer at around age 8 using spare parts. Years later, he hacked his first robotic vacuum cleaner. Giese reflects on his journey as a researcher and ethical hacker during HardPwn, a hardware hackathon hosted by Hardwear.io in Amsterdam.
A "road map to resilience" approach helps organizations balance immediate, low-cost security improvements with complex, long-term risk reduction initiatives in industrial control systems, said Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.