Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.
CyberScoop reports that the House Energy and Commerce Committee has approved legislation that would mandate a federal examination on the threat of adversarial nation-controlled routers, modems, and other networking devices on U.S. national security.
Attempted attacks against TVT Digital Technology's NVMS9000 DVRs which had its firmware last updated seven years ago have surged, with devices impacted by an information disclosure flaw reported in May targeted by more than 2,500 IPs suspected to be part of a Mirai-based botnet on Thursday, according to BleepingComputer.
SecurityWeek reports that 99% of 351 healthcare organizations had internet of medical things devices with actively exploited vulnerabilities, while 20% of hospital information systems are impacted by security issues leveraged in ransomware intrusions and remain online.
Full enforcement of the European Union's Cyber Resilience Act is less than three years away. Here's why and how makers of IoT and smart devices should start complying now.
Threat actors have been launching intrusions leveraging a pair of old vulnerabilities impacting the Sitecore CMS and Experience Platform, as well as other security issues affecting the open-source JavaScript framework Next.js and DrayTek devices, according to The Hacker News.
How do we handle scope creep for vulnerabilities?, find the bugs before it hits the real world, risk or hype vulnerabilities, RTL-SDR in a browser, using AI to hack AI and protect AI, 73 vulnerabilities of which 0 patches have been issued, Spinning Cats, bypassing WDAC with Teams and JavaScript, Rust will solve all the security problems, did you he...
