Tech Republic Security

JANUARY 8, 2025

The Cyber Trust Mark will help consumers make more informed decisions about the cybersecurity of products, according to the White House.

Cybersecurity 169

Cybersecurity Internet Internet IoT 169

Zero Day

JANUARY 8, 2025

The Accenture Technology Vision 2025 report explores how AI-powered autonomy is shaping technology development, customer experience, the physical world, and the future workforce, where people and AI agents work together to drive customer success.

Technology 138

Technology 138

Malwarebytes

JANUARY 8, 2025

The White House announced the launch of the US Cyber Trust Mark which aims to help buyers make an informed choice about the purchase of wireless internet-connected devices, such as baby monitors, doorbells, thermostats, and more. The cybersecurity labeling program for wireless consumer Internet of Things (IoT) products is voluntary but the participants include several major manufacturers, retailers, and trade associations for popular electronics, appliances, and consumer products.

Wireless 102

Wireless Computers and Electronics Manufacturing IoT 102

Zero Day

JANUARY 8, 2025

The latest updates for both browsers squash several high-severity security bugs. Here's how to grab them.

125

125

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Hacker News

JANUARY 8, 2025

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.

DDOS 118

DDOS 118

Zero Day

JANUARY 8, 2025

AI was featured in nearly every consumer tech category at CES. Here's what stood out.

119

119

Zero Day

JANUARY 8, 2025

The most powerful desktop of all time will be arriving soon - and it will be running Linux.

116

116

Security Boulevard

JANUARY 8, 2025

IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings. The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard.

Risk 113

Risk Social Engineering Internet Internet 113

Zero Day

JANUARY 8, 2025

The audio brand Audio-Technica announced the new ATH-CKS50TW2 earbuds at CES 2025.

115

115

Penetration Testing

JANUARY 8, 2025

The open-source VPN software OpenVPN has patched three significant vulnerabilities in OpenVPN 2.6.11, released on June 21, 2024. The post CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution appeared first on Cybersecurity News.

VPN 112

VPN Software Cybersecurity 112

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Zero Day

JANUARY 8, 2025

If you like the idea of AI but don't want to share your content or information with a third party, you can always install an LLM on your Apple desktop or laptop. You'll be surprised at how easy it is.

111

111

The Hacker News

JANUARY 8, 2025

2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance.

Malware 110

Malware Data breaches Cyber Attacks 110

Zero Day

JANUARY 8, 2025

Our quest to go hands-on with every new laptop announced at CES has led us to these five picks, which stood out thanks to features, design, and value.

108

108

The Hacker News

JANUARY 8, 2025

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission (FCC) said.

IoT 110

IoT Internet Internet Government 110

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

JANUARY 8, 2025

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 2024, it borrows the code from the basic Mirai variant and now integrates N-day and 0-day exploits. By November 2024, Gayfemboy exploited 0-day vulnerabilities in Four-Faith industrial routers and Neterbit routers and Vimar smart home devices, with over 15,000 daily active nodes.

DDOS 104

DDOS Hacking Government Cybercrime 104

The Hacker News

JANUARY 8, 2025

Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious.

Cybersecurity 106

Cybersecurity 106

Zero Day

JANUARY 8, 2025

Smart home tech is one of the main events at CES and we've gathered the best you can find at the showcase.

105

105

The Hacker News

JANUARY 8, 2025

Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques," Cyfirma said in a technical analysis published last week.

Malware 102

Malware Cybersecurity 102

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Zero Day

JANUARY 8, 2025

I tried Halliday's AI smart glasses at CES 2025. With a display that's built into the frame - not the lens - they beat my Ray-Ban Metas in key ways.

104

104

NetSpi Technical

JANUARY 8, 2025

While everyone has been rushing to jump on the AI bandwagon, there has been a steady rise in AI/ML platforms that can be used in cloud service providers to run your data experiments. One of these platforms is the Azure Machine Learning (AML) service. The service is useful for handling large data processing tasks, as it seamlessly integrates with other Azure services that can feed it data.

Accountability 89

Accountability Authentication Identity Theft Social Engineering 89

Zero Day

JANUARY 8, 2025

If these smart glasses are any indication of what we're in for in 2025, it's going to be a wild ride.

102

102

Penetration Testing

JANUARY 8, 2025

Ivanti has issued a security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and Neurons for The post CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw appeared first on Cybersecurity News.

Cybersecurity 97

Cybersecurity 97

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Zero Day

JANUARY 8, 2025

Phishing is a form of social engineering where attackers try to get you to reveal your sensitive information through malicious links, SMS, QR codes, and more. Here's how to protect yourself in Chrome and Firefox.

Phishing 102

Phishing Social Engineering Engineering 102

SecureWorld News

JANUARY 8, 2025

The White House has officially launched the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program designed to help consumers make informed decisions about the security of their internet-connected devices. From baby monitors to home security systems, these IoT products have become integral to daily life, yet they also present significant cybersecurity risks.

IoT 85

IoT Manufacturing Government Cybersecurity 85

Zero Day

JANUARY 8, 2025

CES 2025 is in full swing, and there are plenty of audio products to check out. From open-ear headphones to booming sound systems, there's audio gear for everyone this year.

102

102

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” SonicWall is urging customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704 (CVSS score of 8.2). The vulnerability resides in SSL VPN and SSH management and according to the vendor is “susceptible to actual exploitation.” “We have identi

Firewall 72

Firewall Firmware VPN Authentication 72

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Zero Day

JANUARY 8, 2025

CES is in full swing, and we've seen major announcements from the likes of TCL, Roborock, MSI, and more. Here's our roundup of the new tech you don't want to miss.

100

100

Penetration Testing

JANUARY 8, 2025

HPE Aruba Networking has issued a security advisory addressing multiple command injection vulnerabilities in its 501 Wireless Client The post CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available appeared first on Cybersecurity News.

Wireless 88

Wireless Cybersecurity 88

Zero Day

JANUARY 8, 2025

We're at the final stretch of CES 2025, and we've seen major announcements from the likes of TCL, Roborock, Samsung, and more. Here's our roundup of the best tech you don't want to miss.

92

92

The Hacker News

JANUARY 8, 2025

Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.

86

86

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software