Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
The Insurance Authority of Hong Kong has issued cybersecurity guidelines - including data breach reporting requirements - with a compliance deadline of January 2020. What else is now required?
Broadcom has reportedly suspended its effort to acquire Symantec after the two companies failed to agree on a price for the deal. The negotiations had been ongoing for several weeks.
Fraudsters continue to get new tricks up their sleeves. Criminals are increasingly using Apple Pay, setting up mobile call centers to socially engineer victims as well as tricking consumers via fake e-commerce sites that never fulfill orders, fraud-fighting experts warn.
Apple has taken an extraordinary move to protect its users from a yet-to-be-disclosed vulnerability that could compromise Macs that have the Zoom video conferencing software installed. It released a silent update to remove a vulnerable left-behind local web server, which likely has a remote code execution flaw.
Cybersecurity firm McAfee is reportedly planning a return to the public market, eyeing an IPO that could happen as early as later this year, raise $1 billion and value the company at $5 billion, The Wall Street Journal reports. The news comes amid a record volume of technology sector IPOs, including for Crowdstrike.
Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings. Find out what other security experts have to say.
Sensitive information, including credit card and phone numbers, was left exposed to the internet on an unsecured database belonging to Fieldwork Software, which provides cloud-based services to small businesses, researchers note in a new report.
The U.S. Coast Guard has issued an alert about an increase in malware attacks targeting the networks of commercial vessels. It's warning ship owners to take more cybersecurity precautions.
As healthcare providers connect more and more devices to their networks, ensuring data security becomes far more complex, says Steve Hyman of Ordr, who describes best practices.
Chris Hickman of Keyfactor explains the challenges of securing and protecting medical devices and the data they collect while delivering the functionality that users demand.
Jeff Gilhool of Lookout explains how phishing and malware are becoming bigger issues for mobile devices and describes what healthcare organizations can do to incorporate HIPAA compliance in their mobile device management plans.
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
Canonical Ltd., a British company that offers commercial support and services for the popular Ubuntu Linux open source operating system, is investigating a hack of its GitHub page over the weekend. The source code for the system was not affected, the company says.
Increasingly, regulators are looking to hold individual executives accountable for data breaches. This is where attorney Aravind Swaminathan steps in to represent security leaders in legal actions. What are the potential liabilities?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
