Specialized Cyber Security Search

2+ min ago (431+ words) By Franklin D. Kramer, Robert J. Butler and Melanie J. Teplinsky Policymakers should prioritize securing critical infrastructure whose cybersecurity failures could have catastrophic impacts on national security, economic security, public health or safety.Such systems include the electrical grid, water systems, ports, rail and air transportation as well as national, state, and local governments. A fundamental cybersecurity problem stems from the widespread use of software written in unsafe programming languages.These languages, developed in the early days of computing'before cybersecurity was even a consideration'were designed for efficiency, but are vulnerable to a class of programming bugs known as "memory safety errors." Memory safety errors have been described as "today's biggest attack surface for hackers and are estimated to be responsible for nearly 70% of software vulnerabilities.Fortunately, today's memory safe programming languages (e.g., Rust) are specifically designed to eliminate memory safety errors. The federal government…...

6+ min ago (769+ words) S-Docs is a Business Reporter client Amid rising costs and turnover, organisations are recalibrating operations, technology and workforce strategies to protect both people and profits. Most IT and operations leaders would never knowingly underinvest in compliance. But what if the biggest threat to your audit readiness, regulatory standing and customer trust isn't your cloud infrastructure or cyber-security stack but something far more mundane? The result is a rising number of compliance blind spots that cost companies time, money and credibility. Today, most critical documents " proposals, contracts, compliance reports " are still created, edited and routed through manual channels, such as email threads, word processors and spreadsheets. Even when automation is available, it's often half-implemented or bypassed altogether under deadline pressure. Compliance risk isn't always loud. Sometimes, it slips through the cracks of everyday work when a sales rep bypasses the review…...

8+ min ago (310+ words) Common and rare genetic variants linked to idiopathic pulmonary fibrosis (IPF) and reveals substantial genetic overlap with severe COVID-19, highlighting shared biological pathways and potential therapeutic targets. A large-scale genomic investigation has identified new genetic risk factors for idiopathic pulmonary fibrosis (IPF) and revealed substantial overlap with pathways that also predispose individuals to severe COVID-19, offering fresh insight into disease biology and potential avenues for shared therapeutic development. Integrating whole-genome sequencing with existing global datasets, the researchers say their study, published in eBioMedicine, has generated the most comprehensive picture to date of common and rare genetic variations underlying IPF. The analysis uncovered a previously unreported risk locus at 1q21.2, with the lead variant (rs16837903) exhibiting a protective effect and mapping near the gene MCL1, a known regulator of apoptosis. This association was replicated in an independent cohort, strengthening confidence that it reflects a…...

11+ min ago (316+ words) But not iMessage. Despite even Snapchat being hit with new restrictions, it appears that Apple's in-house, fully encrypted messenger has escaped unscathed. Quipping that "I'm sure the crime rate in Russia will soon plummet," John Gruber posed the obvious question on his Daring Fireball blog. "I'm curious why iMessage isn't blocked too." The likely answer came via Mastodon. It seems Apple managed to sneak iMessage in under the noses of the mobile network operators when it launched, undermining their own SMS platforms. iMessage runs on the same platform as iPhone's push notifications, and these were a major USP back in the day. You can't have one without the other. Apparently, that's the same reason push notifications works on messaging only in-flight Wi-Fi, even when the apps behind those notifications are not connected. Watch this space. Encrypted messaging is now facing…...

16+ min ago (254+ words) A new year is on the way, and with it comes a little more peace of mind for older adults who worry about falling victim to scams. Beginning in January, the New York State Office for the Aging will introduce a new tool to help seniors determine whether a message they receive is real. The program, SilverShield, gives users a simple way to check suspicious emails or texts. Greg Olsen, who leads the New York State Office for Aging, explained the idea in a very down-to-earth way. He said that when he gets a message claiming he forgot to pay a toll and urging him to click a link, he can just forward that message to SilverShield. The system then analyzes the wording and other details and sends back a quick assessment of how likely it is to be a…...

21+ min ago (1468+ words) When I began thinking about what to do for my Master's thesis, one question kept resurfacing: How do people actually classify malware? I had always been curious about the internal logic behind malware categorization, not just at a high level, but at the level of processes, features, and decision-making. In the end, the thesis became more of a means to an end: a structured excuse to finally build something I'd wanted for years, my own static malware analyser. To do that, I needed a system that was: This article describes how I designed the baseline analysis pipeline, what I learned from it, and why building it was the most effective way to understand how malware works (see survey: ResearchGate). I chose static analysis because it's the simplest, safest way to make progress fast. You can point mature tools like Ghidra…...

24+ min ago (197+ words) Broadcom last closed at $406.29 up 1.3%, not far from its 52-week high. In other market news, Moore Threads Technology was trading firmly up 17% and closing at CN735.00. Meanwhile, Winbond Electronics trailed, down 5.3% to finish the session at NT$67.50. Broadcom's leap in AI and Ethernet tech heightens urgency for investors with potential 25.9% revenue growth; click to explore this opportunity further. Don't miss our previous Market Insights article, which discusses AI chips' substantial impact on S&P gains'act quickly to stay informed! Micron Technology finished trading at $252.42 up 2.2%, hovering around its 52-week high. Advanced Micro Devices settled at $221.62 up 0.2%. NVIDIA finished trading at $184.97 down 0.3%. Two days ago, Super Micro announced the expansion of its NVIDIA Blackwell architecture portfolio with advanced liquid-cooled systems to enhance GPU density and power efficiency for AI data centers. Interested In Other Possibilities? These 10 companies survived and thrived after COVID…...

28+ min ago (212+ words) A team of cybersecurity researchers at Sysdig, a firm specialising in protecting cloud and container-based apps, has found a new malware called EtherRAT being deployed to exploit the severe CVE-2025-55182 React2Shell vulnerability. The discovery was made on December 5, 2025, just two days after the vulnerability was publicly revealed. The latest research from Sysdig TRT reveals that the danger of the React2Shell vulnerability is rapidly expanding. While early exploitation was dominated by payloads from opportunistic cryptominers and sophisticated China-nexus groups deploying credential harvesters and backdoors, Sysdig's investigation revealed that EtherRAT represents an escalation in this activity. To guarantee a permanent backdoor, the program is designed for long-term stealth, establishing five different ways to ensure it restarts on a system. TRT also believe that the software is linked to North Korean hacking groups because of a "significant overlap with North Korea-linked "Contagious Interview" (DPRK) tooling....

44+ min ago (325+ words) On October 21, 2025, the New York Department of Financial Services ("NYDFS") sent a letter to the executives and information security personnel at covered entities with new guidance for managing technology and data risks related to third-party service providers ("TPSPs")....By: Jones Day NY Department of Financial Services Signals Increased Scrutiny of Third-Party Technology Risk Management On October 21, 2025, the New York Department of Financial Services ("NYDFS") sent a letter to the executives and information security personnel at covered entities with new guidance for managing technology and data risks related to third-party service providers ("TPSPs"). According to the NYDFS, the guidance responds to increasing reliance by covered entities on TPSPs to manage technology services, such as cloud computing, file transfer systems, AI, and fintech solutions, and gaps identified by the NYDFS during recent reviews of TPSP risk management at various covered entities. The…...

48+ min ago (297+ words) Singapore's MetaComp has secured $22m in a series pre-A financing round, to scale a Web2.5 fiat and stablecoin hybrid payment network for international transactions. Investors in the round include Eastern Bell Capital, Sky9 Capital, Noah, Beingboom Capital, and Freshwave Fund, with 100Summit Partners acting as the exclusive financial advisor for the transaction. The funding round comes after the November launch of StableX Network, which features MetaComp's upgraded VisionX risk-intelligence engine. MetaComp said it holds a Major Payment Institution licence from the Monetary Authority of Singapore. The company provides a suite of regulated digital payment token (DPT) services, including over-the-counter and exchange trading, on/off-ramp fiat settlement via payment partners, custody of digital tokens and brokerage activities related to DPTs. It improves partnership between institutions via a shared intelligence layer. According to the company, the Web2.5 framework combines regulated finance standards with the operational speed of…...