Airline booking system provider Amadeus - whose system is used by 500 airlines - is investigating a software vulnerability that exposed passenger name records, which is the bundle of personal and travel data that gets collected when booking a flight.
The recent exposure of customer data on the website of Singapore Airlines as a result of a software bug is further evidence of the persistent challenge of adequately addressing security during the development stage.
Recent analysis by F5 Labs shows that 68% of malware installed through phishing is hiding in encryption. Security inspection tools such as next-generation firewalls, intrusion prevention systems, data loss prevention systems, and others are increasingly blind to SSL/TLS traffic. In some cases, they introduce latency...
Encrypting and decrypting traffic consumes a lot of computational power, so many security inspection solutions either don't decrypt at all or take such a huge performance hit that they pass along encrypted traffic just to keep up. Whether its traffic coming into your application or internal traffic going out to the...
The increase of SSL/TLS traffic indicates that organizations are more and more focused on safeguarding the integrity of the data that flows through their Internet-facing applications.
However, the concurrent growth of malware hidden within that encrypted traffic is cause for concern. Without visibility into your...
Efforts to protect privacy must be carefully balanced against the need to practically implement advanced technologies, argues Jared Ragland, senior director for policy in APAC at BSA/The Software Alliance, an advocacy group for software companies.
Open source components help developers build and deploy applications faster, but with increased speed comes greater risk. Maria Loughlin of Veracode describes how to reduce those risks through several steps, including component inventories and developer education.
Application threat modeling enables the systematic evaluation of applications from an attacker's point of view, says Fouad Khalil of SecurityScorecard.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
For decades, IT professionals have been fighting malware, hackers, and other threats. Data protection, confidentiality, integrity and availability have long been threatened not only by amateur hackers, but by profit-oriented, well-organised criminals. Victims can usually only react because many of the usual methods...
A new study shows mobile apps in India seek access to more data than apps in other nations, says Shivangi Nadkarni, CEO at Arrka Consulting. Nadkarni says the data protection bill being considered in India eventually could help curb access to information via apps.
Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications.
Automotive smartphone apps that can be used to unlock or start a car pose new risks that must be managed, says Asaf Ashkenazi of Inside Secure, a mobile security firm, who provides risk mitigation insights.
The coming end-of-support for Windows Server 2008 leaves IT organizations with few viable options to receive security updates beyond the cut-off date of January 14, 2020. Upgrading will be no small feat as roughly 70% of enterprise Windows applications run on Windows Server 2008 or earlier versions*.
Attend this...
As application development teams strive to deploy features and changes into production as quickly as possible, an organization must rapidly adapt to ensure it's security posture is maintained yet doesn't slow down the build-to-deploy pipelines. The power of Kubernetes and Deep Security Smart Check together reduce the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
