A vulnerability in a government-run website designed to assist employees in linking to their Provident Fund retirement accounts with their Aadhaar numbers was targeted by hackers, reportedly exposing data on millions.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
Security still remains an afterthought when many organizations are adding new technologies to provide a differentiated customer experience, says Anna Convery of Radware, who recommends a change in approach.
Twitter has apologized after it discovered that it had been inadvertently storing users' passwords in plaintext in an internal log, potentially putting them at risk. Twitter has blamed a bug for the fault and recommends all users change their passwords immediately.
Australia's Commonwealth Bank has confirmed that two magnetic tapes containing transaction information for 19.8 million accounts went missing two years ago after mishandling by a subcontractor. A forensic investigation concluded the tapes were likely destroyed, and no fraudulent activity has been detected.
Despite the buzz about digital transformation, most enterprises remain overwhelmed by having to support and secure legacy technologies, says Mark Loveless of Duo Security. How can they simultaneously protect their legacy systems while securing their future?
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Cambridge Analytica, the data analysis firm that reportedly received data on up to 87 million Facebook users without their consent, shut down on Wednesday. The company had worked on the 2016 campaign of U.S. President Donald Trump. But its backers have launched a new firm, called Emerdata.
A dozen medication and supply management products from Becton Dickinson and Co. are vulnerable to flaws identified last year in the WPA2 protocol, putting the products at risk for so-called KRACK attacks, according to a federal alert. Such attacks can potentially lead to malware infections.
Mark Jaffe is less concerned about how adversaries breach networks, but more concerned about how to secure their actual target - critical data. His startup company, Allure Security, intends to help secure that data.
Fitbit and Google say they are collaborating to accelerate innovation and "transform the future" of digital health and wearables, leveraging cloud computing. Some observers, however, say the partnership also raises privacy, security and patient safety questions.
The managed security services marketplace has matured, says Rick Miller of Trustwave. But persistent myths continue to color perceptions. Miller attempts to shatter those myths and shed light on the market's new realities.