Security Bulletin

New cybersecurity regulations from the FDA outline specific steps that medical device companies must take in order to get their devices approved for market.

FedScoop reports that challenging feedback for the updated Federal Risk and Authorization Management Program draft guidance has prompted the Office of Management and Budget to extend the last day of public comments from Nov. 27 to Dec. 22.

New regulations have been introduced by the Federal Communications Commission to better protect consumers against increasingly prevalent SIM swapping attacks, reports BleepingComputer.

Cybersecurity Dive reports that U.S. carpet cleaning firm Stanley Steemer International confirmed that it had information from 66,978 customers compromised in a data breach earlier this year.

More than 330,000 Medicare recipients had their sensitive information compromised after the U.S. Center for Medicare & Medicaid Services had its third-party contractor Maximus Federal Services impacted by the widespread MOVEit file transfer system...

Japanese mobility manufacturer Yamaha Motor and New York-based healthcare organization WellLife Network have been impacted by separate ransomware attacks claimed by the INC ransomware operation, according to The Record, a news site by cybersecurity...

Chicago Trading Company and New York-based investment firm Alphadyne were claimed to have been compromised by the LockBit ransomware gang on its dark web site just days after admitting responsibility for an attack against Industrial & Commercial Bank...

Increasingly prevalent attacks have been conducted by the 8Base ransomware operation as it leverages a new Phobos ransomware variant, according to The Hacker News.

Threat operation UAC-0050 has leveraged the Remcos surveillance tool in new attacks against Ukrainian government agencies believed to be part of a cyberespionage campaign, reports The Record, a news site by cybersecurity firm Recorded Future.

Ukrainian organizations have been targeted by Russian state-sponsored hacking operation Gamaredon, also known as Iron Tilden, Aqua Blizzard, Shuckworm, Primitive Bear, and Winterflounder, with the LitterDrifter USB worm in new cyberespionage attacks...

Organizations in the U.S., Canada, China, India, Myanmar, Pakistan, the United Arab Emirates, and other parts of the world have been subjected to cyberattacks enabled by Indian hack-for-hire firm Appin Software Security since 2009, according to...

A joint resolution proposed by members of House and Senate would overturn new SEC rules to disclose cyber breaches within four days.