A lawsuit alleges that a security flaw in a Google COVID-19 contact-tracing tool is exposing personal and medical information of millions of users to third parties through device system logs. But Google says it reviewed the issue, updated code and is ensuring the fix is rolled out to users.
Almost every organization has adopted cloud computing to some extent, and with this great power comes great responsibility. How are cybersecurity leaders managing visibility, access and risk? We asked this exclusive panel of CEOs and CISOs, and they shared frank and thoughtful advice.
Private equity firm Thoma Bravo on Monday announced it had signed a definitive agreement to acquire the cybersecurity and compliance firm Proofpoint in a $12.3 billion all-cash deal.
Apple has patched a zero-day flaw in macOS 11.3 that attackers have been exploiting since at least January to install advertising software on victims' systems. The flaw enables a malicious script to be deployed that bypasses Notarization, Gatekeeper and File Quarantine security defenses.
The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been Pwned breach notification site. The entry of those addresses into the site increases the chance that those infected with Emotet can take remediation actions, such as changing passwords.
Dan Kaminsky, a renowned security researcher, died last week at age 42. He gained cybersecurity fame in 2008 after discovering and helping to coordinate a patch for a massive security flaw in the internet's Domain Name System.
Attackers implanted malware into Click Studios' Passwordstate password manager update process, potentially exposing 29,000 users to exfiltration of passwords and other data, the company reports.
Does the West want to have its digital existence defined by adversaries, or is it ready to devote the time, resources, expertise and planning required to more fully take control of its evolving destiny? That's the techno-Darwinian call to arms issued by Jeremy Fleming, the director of Britain's GCHQ intelligence...
A Russian botnet group called Prometei is exploiting unpatched Microsoft Exchange Server vulnerabilities to mine cryptocurrency across the world, a new report by security firm Cybereason finds.
Facebook says it disrupted two Palestinian advanced persistent threat groups that targeted victims across the Middle East as part of cyberespionage campaigns. The groups used malware and advanced social engineering tactics to target journalists, human rights activists and military groups.
Rapid7 has acquired Velociraptor, an open-source endpoint-monitoring organization and community that will continue to operate as a stand-alone entity while the security firm adopts some of its technology. Meanwhile, Zscaler had announced a deal to buy Trustdome.
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
The FIDO Alliance, an association that has developed voluntary authentication standards with a goal of minimizing the use of passwords, has launched an onboarding protocol for IoT devices that's designed to enhance security.
More use cases are emerging for self-sovereign identity, which gives individuals more control over their digital identities, according to Heather Dahl and Ken Ebert of Indicio.tech.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.