Recent Security News
-
Tor Project removes relays because of for-profit, risky activity
November 20, 2023 at 08:10PM The Tor Project removed multiple network relays that posed a threat to user safety and security. Some relay operators were involved in a for-profit cryptocurrency scheme, which goes against the principles of the community. Removing the relays sparked discussions about relay policies and the risks of centralization. The specific details…
-
Exploited Vulnerabilities Can Take Months to Make KEV List
November 20, 2023 at 06:40PM The Cybersecurity and Infrastructure Security Agency (CISA) has been criticized for delays in updating its Known Exploited Vulnerabilities (KEV) catalog. The catalog, which lists vulnerabilities that attackers are actively exploiting, often lags behind public disclosure of vulnerabilities and the release of proof-of-concept (PoC) code. CISA’s requirement for clear remediation guidance…
-
What Healthcare Cybersecurity Leaders Should Know About the FDA’s Section 524B Guidelines
November 20, 2023 at 06:26PM The FDA has issued updated regulations regarding the cybersecurity requirements for medical devices. The regulations, found in Section 524B of the FD&C Act, went into effect on October 1, 2023. They apply to anyone submitting a premarket application for a “cyber device.” The purpose of the regulations is to ensure…
-
Gamaredon’s LittleDrifter USB malware spreads beyond Ukraine
November 20, 2023 at 05:34PM LittleDrifter is a recently discovered worm that spreads through USB drives and has infected systems in multiple countries. It is believed to be part of a campaign by the Gamaredon state-sponsored espionage group. The malware establishes communication with the group’s command and control server and spreads through USB drives using…
-
Lasso Security Emerges From Stealth With $6M Seed Funding for Gen AI and Advanced LLM Cybersecurity
November 20, 2023 at 05:19PM Lasso Security, a cybersecurity company specializing in Large Language Models (LLMs), has raised $6 million in a seed funding round led by EntrĂ©e Capital and Samsung Next. Lasso aims to address the cybersecurity challenges posed by LLMs and provide comprehensive protection for businesses leveraging Generative AI. The funds will be…