Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
IoT devices and applications often use a range of components, including third-party libraries and open source code. Steve Springett, who created Dependency-Track, explains how to reduce risk and keep third-party code up to date.
Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
To be the first to bring a ground-breaking treatment or vaccine to market, pharmaceutical organisations need employees to stay productive whether no matter where they are or what device they're using t. But this greater connectivity is exposing your critically important intellectual property (IP) to countless mobile...
As online activity increases and digital footprints expand, so too does the overall application attack surface. The recent shifts in consumer behaviours have greatly accelerated business digital transformation and compounded the associated application fraud and abuse.
In response, security, fraud and marketing...
Despite a Thursday deadline that would have forced China-based ByteDance to shut down its TikTok video-sharing app in the U.S., the Commerce Department will allow the company to continue its American operations for now as various court cases continue.
The purpose of the Application Security in the DevOps Environment study, sponsored by HCL Software, was to better understand the state of organizations' ability to quickly prioritize and repair vulnerabilities in their applications.
Download the results drawn from 626 IT security, quality assurance and development...
As online activity increases and digital footprints expand, so too does the overall application attack surface. The recent shifts in consumer behaviours have greatly accelerated business digital transformation and compounded the associated application fraud and abuse.
In response, security, fraud and marketing...
India's payments-processor regulatory body has given the final go-ahead to roll out WhatsApp's processing payment services to 20 million users across the country, the agency and parent company Facebook announced. The approval comes after the social media giant applied for permission in 2018.
Apple issued an update for iOS and iPadOS on Thursday that fixes three zero-day flaws found by Google's Project Zero bug-hunting team and a range of other security-related flaws. Google says the bugs are being exploited by attackers but haven't been used in election-related cyber activity.
When software is everywhere, everything becomes an attack surface. The root cause of many successful cyberattacks lies primarily in vulnerable software itself. The real question that needs to be asked is, "Can the industry do a better job of writing more-secure code, making software applications nearly impenetrable to...
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
The FBI has issued a flash alert warning that unidentified threat actors are actively targeting vulnerable SonarQube instances to access source code repositories of U.S. government agencies and private businesses.
CISA and Oracle are urging users to apply an emergency patch for a vulnerability in the software giant's WebLogic Server product. This "severe" bug is already under active exploitation and could allow an attacker to run malicious code, security experts say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
