CISA Unveils New HBOM Framework to Track Hardware Components
The US government’s cybersecurity agency CISA has unveiled a new Hardware Bill of Materials (HBOM) framework offering a consistent, repeatable way for vendors to communicate…
Category: SecurityWeek
Firefox 118 Patches High-Severity Vulnerabilities
Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products, including high-severity flaws. Firefox 118…
Gem Security Lands $23 Million Series A Funding
Gem Security, an Israeli startup with operations in New York, has attracted $23 million in venture capital investment to build and market technology in the…
Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk
Misconfigured TeslaMate instances can leak tons of data on the internet, potentially exposing Tesla cars and their drivers to malicious attacks, IoT security intelligence firm…
Stolen GitHub Credentials Used to Push Fake Dependabot Commits
Threat actors have been observed pushing fake Dependabot contributions to hundreds of GitHub repositories in an effort to inject malicious code, application security firm Checkmarx…
macOS 14 Sonoma Patches 60 Vulnerabilities
Apple on Tuesday announced the release of macOS 14 Sonoma. A security advisory published by the tech giant shows that the latest version of the…
New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
Nearly all modern graphics processing units (GPUs) are vulnerable to a new type of side-channel attack that could be leveraged to obtain sensitive information, according…
Microsoft Adding New Security Features to Windows 11
Microsoft on Tuesday announced the new security features that will be available in the latest version of Windows 11. Windows 11 feature updates are released…
$200 Million in Cryptocurrency Stolen in Mixin Network Hack
Peer-to-peer digital asset transactional network Mixin Network has suspended deposits and withdrawals after hackers stole $200 million. The Hong Kong-based platform uses a cross-chain transfer…
UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor
The advanced persistent threat (APT) actor Stealth Falcon has been observed deploying a new backdoor on the systems of a governmental entity in the Middle…
Sony Investigating After Hackers Offer to Sell Stolen Data
Sony has launched an investigation after a cybercrime group claimed to have compromised the company’s systems, offering to sell stolen data. A representative of the…
The CISO Carousel and its Effect on Enterprise Cybersecurity
The average tenure of a Chief Information Security Officer said to sit between 18 to 24 months. This is barely enough time to get feet…