The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213 IoT Device: “Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements.”
Researchers have discovered 14 BusyBox vulnerabilities that impact embedded Linux OS used in many internet of things (IoT) and operational technology (OT) devices.
A vulnerability in ThroughTek’s Kalay Platform software development hit (SDK) has exposed many security cameras used by original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.
Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.
Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.
The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.
Microsoft has released the February 2021 Security updates that includes patches for 56 vulnerabilities, 11 of those rated Critical. Moreover, the tech giant warned of a Win32k Privilege Escalation vulnerability CVE-2021-1732 exploited in wild.
Cisco has patched three Critical vulnerabilities in Cisco Integrated Management Controller (IMC), DNA Spaces Connector and IoT Field Network Director (FND) products.
Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.
Security firm Bitdefender published its mid-year Threat Landscape Report 2020 that reveals how cybersecurity threats and malware play on the pandemic theme.