Education plays a critical role in any program designed to combat insider threats, says Christopher Greany, head of group investigations at Barclays. He'll discuss how to start an insider threat program in a presentation at Information Security Media Group's Security Summit: London, to be held Oct. 23.
While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
The recent breach at Facebook, which affects 50 million users, is likely to have a big impact on Asians who use Facebook's single sign-on feature to log into third-party apps. India is the world's largest market for the social media giant.
Facebook says that whoever hacked 50 million user accounts, putting the privacy of those users' personal data at risk, did so by abusing its "View As" privacy feature. Facebook says the attack successfully targeted three separate bugs in its video-uploading functionality.
The four-member Committee of Inquiry investigating the SingHealth data breach that affected 1.5 billion patients in Singapore heard testimony at a hearing that the healthcare organization's technology vendor failed to take prompt action on security alerts because a key cybersecurity employee was on leave.
Several days after the Port of San Diego was hit by a crypto-locking ransomware attack, incident response efforts remain underway and many port systems remain offline. Port officials say the attacker has demanded a ransom, payable in bitcoin, for the promise of a decryption key.
An Australian man who as a teenager managed to infiltrate Apple's networks and do it again after the company expelled him - aided by a folder on his laptop storing his "Hacky Hack Hack Methods" - has been sentenced to serve eight months of probation, according to news reports.
Leading the latest edition of the ISMG Security Report: The reaction to the recently released White House cybersecurity strategy. Also featured: A discussion of GDPR's impact on class action lawsuits.
Ryan Duquette, an independent forensics examiner who formerly was a criminal investigator in law enforcement, offers insights on public/private partnerships and how investigators can work better with enterprises in the event of a breach.
Privacy advocates are praising the India Supreme Court's ruling that private entities can no longer require the use of Aadhaar data for authentication, but they're pressing for swift passage of a new data protection law.
A national cybersecurity strategy document released by the White House last week - along with comments from a top Trump administration official that the U.S. would step up its offensive cyber measures - are getting mixed reviews from cybersecurity experts.
At RSA Conference 2018 Asia Pacific & Japan, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
Scan4You, a notorious cornerstone of the cybercrime-as-a-service economy that allowed malware developers to more easily create code to bypass anti-virus defenses, has been dismantled, and its Latvian technical administrator has been slammed with a 14-year U.S. prison sentence.
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.