A critical vulnerability has been disclosed in hardware RNGs used in billions of IoT devices whereby it fails to properly generate random numbers, thus putting them at risk of hacking attacks.

Only two security key models will be available from tomorrow, namely Titan keys with USB-A and USB-C connectors, both of which also support NFC (Near Field Communication) for mobile connectivity.

While the misconfiguration has been known since at least last year and Salesforce has taken steps to prevent incidents, security company Varonis says it’s still seeing many affected organizations.

The RansomExx gang is threatening to release more than 112 GB of data that may include confidential documents from chip makers Intel and AMD and American firm Megatrends.

Organizations in the healthcare sector – and especially those engaged in delivering healthcare services – have always been juicy targets for cyberattackers. The pandemic further boosted this trend.

The company said it had learned that the personal information of some customers from its database — including names, birth dates, phone numbers, and shopping histories — had been breached last week.

The insurer for Joplin paid $320,00 to an unknown person after a ransomware attack shut down the city’s government’s computer system last month, Joplin City Manager Nick Edwards said Thursday.

At least one student within the public school system managed to access a Google Drive that contained the private information of students and department employees across the city.

The company is coordinating with multiple CERT organizations worldwide to take down the botnet’s infrastructure by shutting down all detected command-and-control (C2) servers.

Application security testing (AST) company Checkmarx has acquired Dustico, a platform for detecting backdoors and other malicious activity in the open source software supply chain.