Loading...
CSO US First Look
The day's top cybersecurity news and in-depth coverage
January 10, 2025
SEC rule confusion continues to put CISOs in a bind a year after a major revision
Despite a spate of recent actions exemplifying how the US Securities and Exchange Commission is enforcing disclosure and compliance, companies are still unsure how and what to report.
Read more
DNA sequencer vulnerabilities signal firmware issues across medical device industry
Eclypsium security researchers have uncovered UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, but the broader issue involves the device development process at large.
New Mirai botnet targets industrial routers
Security researchers warn of a new variant of the Mirai botnet. Attackers used it for zero-day exploits on industrial routers.
SonicWall firewall hit with critical authentication bypass vulnerability
The company urged admins to immediately patch their firewalls to fend off threats of easy exploitation.
China-linked hackers target Japanâs national security and high-tech industries
Authorities reveal advanced cyber tactics exploiting tools such as Windows Sandbox and Visual Studio Code, urging immediate defensive measures.
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
The software maker announced that a stack-based buffer overflow flaw in its VPN appliance has been exploited in the wild. Ivanti Policy Secure and Ivanti Neurons for ZTA gateways are also impacted.
UN agencyâs job application database breached, 42,000 records stolen
The agency, which supports the operation of international civil aviation, said air traffic is safe, but one analyst raised doubts about that.
© 2025
