Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
The collaboration enabled by Office 365 through file sharing and online services can streamline processes and give your company a competitive advantage and result in faster time to market. But how can people collaborate effectively if their apps are slow to respond, or their video quality is poor, or their connections...
A proactive approach to your agency's security posture is a highly cost-effective way to reduce your cybersecurity exposure; particularly when you consider security breaches have increased by 11% since 2018 and 67% since 2014. To help you reduce your exposure, the Essential 8 are the fundamental elements from the...
The business disruptions caused by the COVID-19 pandemic will lead to better cybersecurity practices over the long haul, says Sudip Banerjee of Zscaler.
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
Microsoft's Azure Security Center has detected a new hacking campaign that for the first time specifically targets the Kubeflow platform on Kubernetes and uses XMRig cryptominer to mine for monero across multiple clusters.
Carnegie Mellon University Software Engineering Institute's CERT notification center has posted a warning of a flaw in the Universal Plug and Play protocol that could potentially affect billions of internet-connected devices. If exploited, this flaw could lead to DDoS attacks and theft of data.
Perceived wisdom is that mobile voting will be open to significant opportunities for interception, manipulation and nation-state interference. Nimit Sawney, CEO of Voatz, describes the architecture of a secure mobile voting system.
The number of reported vulnerabilities found in open source software more than doubled in 2019 to almost 1,000, with projects such as Magento, GitLab, and Jenkins posting the largest increases, according to security firm RiskSense.
Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT.
An independent security researcher disclosed a zero-day vulnerability contained in the "Sign in with Apple" feature that, if exploited, could have resulted in a full account takeover. The vulnerability has been patched, and Apple says it found no account misuse tied to it.
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
In an interview with Information Security Media Group's Tom Field, Rose...
Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
The latest edition of the ISMG Security Report features Retired General Keith Alexander, former NSA director, discussing the long-term security implications of the shift to working from home. Also: an update on ransomware gangs leaking data and an analysis of using open source code for app development.
Apple and Google have released new APIs designed to support contact-tracing apps being developed by governments to help combat the COVID-19 pandemic. Already at least three U.S. states and 22 countries have expressed interest in using the APIs to build their apps.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
