The findings come from the latest report by XM Cyber and the Cyentia Institute
Monthly Archives: April 2023
CrowdStrike expands Falcon platform with XDR for IoT assets
Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices. CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, rapid patch management, and interoperability across XIoT assets to help customers secure their organization with the same platform across IoT, IT endpoints, cloud workloads, identities, and data, CrowdStrike said.
The challenges posed to organizations and security teams in effectively securing diverse IoT resources remain stark, while the threats posed to IoT assets subject enterprises to significant risks, attacks, and vulnerabilities.
USN-6005-1: Sudo vulnerabilities
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed.
ZeroFox partners with Google Cloud to warn users against phishing domains
Cybersecurity provider ZeroFox has announced a partnered capability with Google Cloud to warn users of malicious URLs and fake websites in a bid to disrupt phishing campaigns.
As part of the partnership, ZeroFox will automatically detect phishing domains for customers and submit verified, malicious URLs through Google Cloud’s Web Risk Submission API, disrupting attacks and warning users of malicious content on billions of devices using browser warnings. This is expected to help both ZeroFox customers as well as Google Cloud users.
“If a URL or domain flagged by ZeroFox is validated as malicious, Google will provide a warning message to users across its 5 billion devices in a matter of minutes, advising them not to access the domain in question,” said James Foster, founder and CEO of ZeroFox.
Car Thieves Hacking the CAN Bus
Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby.
polkit-121-4.fc37.2
FEDORA-2023-4936e4e7f1
Packages in this update:
polkit-121-4.fc37.2
Update description:
config file permission change to increase security of polkitd
Battle could be brewing over new FCC data breach reporting rules
On January 6, the United States Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to update its data breach reporting rules for telecommunications carriers. “The law requires carriers to protect sensitive consumer information but, given the increase in frequency, sophistication, and scale of data leaks, we must update our rules to protect consumers and strengthen reporting requirements,” said FCC Chairwoman Jessica Rosenworcel in announcing the proceeding. “This new proceeding will take a much-needed, fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”
GitGuardian’s honeytokens in codebase to fish out DevOps intrusion
Code security provider GitGuardian has added a new honeytoken module to its platform to help customers secure their software development life cycle and software supply chains with intrusion and code leakage detection assistance.
Honeytokens are code scripts containing decoy credentials, which can be placed within a customer’s development environments to lure out attackers looking to target critical DevOps environments such as source control management (SCM) systems, continuous integration/continuous deployment (CI/CD) pipelines, and software artifact registries.
polkit-122-3.fc38.1
FEDORA-2023-41bdb7dba8
Packages in this update:
polkit-122-3.fc38.1
Update description:
config file permission change to increase security of polkitd