Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
Apple released a patch on Monday that fixes a bug it accidentally reintroduced in a previous patch update. The flaw allowed iOS enthusiasts to jailbreak their up-to-date devices, but also could have been put to malicious use by hackers.
The 2019 Internet Security Threat Report takes a deep dive into insights from the Symantec Global Intelligence Network (GIN), revealing the latest trends in cyber security attacks including ransomware, formjacking, cloud security and mobile threats.
Through GIN, Symantec has established the largest civilian threat...
Many corporate boards of directors in India have made progress in recognizing cybersecurity as a priority. But clearly, they still have a lot of work to do. Panelists at a recent ISMG summit in Bengaluru offer insights.
At this week's Information Security Media Group Fraud & Breach Summit in Bengaluru, India, national cybersecurity coordinator Lt. Gen. (retired) Rajesh Pant spoke about the challenges facing the country over the coming years.
Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group. WhatsApp says a "select number" of targets were hit by the attacks, which it has blamed on "an advanced cyber actor."
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
The Reserve Bank of India is proposing that financial technology firms be allowed to test new products and services that might require the relaxation of certain compliance regulations in what's called a "regulatory sandbox" approach.
Google is facing questions from Congress about Sensorvault, its database that stores the geolocation data of millions of Android users, which has sometimes been shared with police as part of criminal investigations.
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
Organizations need to go far beyond putting security software on mobile devices and develop a much broader mobile security strategy, says Michael Covington of Wandera.
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
An "Asian female" has been arrested for attempting to access President Donald Trump's Mar-a-Lago club while he was staying there, claiming she wanted to use the pool. Prosecutors say the apparent Chinese national was carrying a USB thumb drive containing "malicious software" - and had no swimsuit.
Smartphone security is paramount for certain scenarios, but software based encryption has been shown to be insufficient. Mike Fong, founder and CEO of Privoro, demonstrates a hardware based solution to smartphone encryption
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.