Yazılar

White House Launches Cyber Trust Mark for Smart Devices to Rate Security

/in /tarafından

The White House has introduced a new initiative aimed at helping consumers assess the cybersecurity of internet-connected devices. The Cyber Trust Mark, a stylized shield logo featuring microchip-style detailing, will be applied to products such as smart thermostats, baby monitors, app-controlled lights, and other IoT devices. The label is designed to provide a quick, easily recognizable guide to the security of these devices, similar to food labeling by the U.S. Department of Agriculture or the Energy Star rating on appliances.

For a product to receive the Cyber Trust Mark, manufacturers must ensure their devices meet cybersecurity criteria set by the U.S. National Institute of Standards and Technology (NIST), verified through compliance testing by accredited laboratories. As more everyday products, from fitness trackers to security cameras and even ovens, become internet-connected, the potential for cybersecurity vulnerabilities increases, posing privacy and safety risks.

Anne Neuberger, the U.S. Deputy National Security Advisor for Cyber, emphasized that each connected device could become a potential target for cyber attackers. The Cyber Trust Mark is voluntary for manufacturers, but Neuberger hopes it will encourage consumers to prioritize security by choosing products with the label. She also suggested that consumers might demand the label when purchasing connected devices to ensure their privacy isn’t compromised.

Initially, the Cyber Trust Mark will focus on consumer products like cameras, with plans to extend to home and office routers and smart meters. Devices bearing the label are expected to appear on store shelves later this year. Additionally, the White House is preparing an executive order that will restrict U.S. government purchases to only those products carrying the Cyber Trust Mark, starting in 2027. The initiative has garnered bipartisan support.

 

Hacker Claims Breach of US Location Tracking Company Gravy Analytics

/in /tarafından

An unknown hacker is claiming responsibility for a breach at U.S. location tracking company Gravy Analytics, with screenshots of the boast circulating online. The breach details remain unclear, but a Russian-language post and screenshots uploaded early Sunday to XSS, a site frequented by cybercriminals, allege that the company was hacked, and large volumes of data were stolen.

Gravy Analytics, which merged with Unacast in 2023, has not commented on the situation. Attempts to contact both Gravy and Unacast were unsuccessful, and Gravy’s website was down on Wednesday. The leaked data, around 1.4 gigabytes, has been reviewed by experts who have confirmed its authenticity, raising concerns that the breach is legitimate.

This hack follows recent scrutiny from the U.S. government over companies, including Gravy, that collect and sell highly detailed location data. The Federal Trade Commission (FTC) had previously settled with Gravy Analytics and another broker, Mobilewalla, over deceptive practices in gathering location data without proper consent. The FTC has raised alarms over the vulnerability of Americans’ sensitive data, especially in the context of targeted advertising and surveillance.

 

Wiz Appoints Fazal Merchant as President and CFO to Prepare for IPO

/in /tarafından

Israeli cloud security firm Wiz has appointed veteran executive Fazal Merchant as its president and chief financial officer (CFO) to continue its rapid growth and pave the way for a U.S. initial public offering (IPO) in the next year.

Merchant’s appointment comes after the company turned down a reported $23 billion acquisition offer from Google’s parent company, Alphabet, in July. Wiz’s CEO Assaf Rappaport emphasized that the company’s focus would now be on an IPO and reaching an annual recurring revenue of $1 billion.

Currently, Wiz generates approximately $500 million in annual revenue, having grown significantly since its 2020 founding. The company serves half of the Fortune 100 companies and has raised $1.9 billion in private financing, with a valuation of $12 billion after raising $1 billion in May 2023.

Merchant, who previously served as co-CEO of U.S. cybersecurity firm Tanium and CFO of DreamWorks Animation, highlighted Wiz’s healthy liquidity and its strategy to prepare for the IPO. He noted that IPO readiness could take 12 months, or potentially longer, depending on market conditions.

Merchant also emphasized Wiz’s goal of becoming the leader in cloud security as the global shift to cloud computing continues, with only 15% of the world’s infrastructure in the cloud. As the company expands in Europe and Asia, it sees significant growth potential in the cybersecurity sector.