As organizations move more data into the cloud, too many are treating security as an afterthought, says Outpost24's Bob Egner. Instead, as part of an agile development program, he recommends making penetration testing a constant, and using solid DevSecOps to maintain optimal cloud data security.
RSA's most recent Quarterly Fraud Report shows that "newsjacking" is increasingly empowering phishing attacks, says Angel Grant, RSA's director of identity fraud and risk intelligence. The report also shows a continuing surge in mobile app fraud.
For at least the third time in recent months, a mobile fitness app maker apparently has exposed consumers' sensitive personal information. The latest app to expose data: PumpUp.
As attackers get increasingly sophisticated in reverse-engineering applications, it is imperative that enterprises secure trusted applications that are reaching back into the datacenter from beyond the perimeter, says Rusty Carter of Arxan Technologies.
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Thirty-four companies have signed on to the Microsoft-led Cybersecurity Tech Accord, which is aimed at protecting civilians from cybercriminal and state-sponsored attacks. The agreement crucially includes a pledge not to help governments with cyberattacks
Organizations are increasingly incorporating open source code elements into their software development to accommodate agile development methodologies and swift go-to-market requirements, but not many are addressing the security concerns that follow, says CA Veracode CTO Chris Wysopal.
Organizations are developing new apps at the speed of business. But through the use of vulnerable code, they also are creating new risks just as fast. Chris Eng of CA Veracode offers new strategies and solutions to mitigate open source and third-party risks.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
Illegal transactions on the internet have long been conducted in the cryptocurrency bitcoin. But underground vendors are accepting new kinds of virtual currency that may be safer to store and offer more privacy protections, according to a new study of 150 dark web markets and forums.
The web may be largely funded thanks to online advertising, but the threat posted by malicious advertisements continues to escalate. Indeed, the latest malvertising scheme, uncovered by security firm Confiant, served 1 billion malicious advertisements.
We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.