To deal with the problem of "shadow IT" during the COVID-19 pandemic, organizations should put in place redefined compliance and governance policies, take a multilayered security approach and adopt a security framework to prioritize risks, a panel of three experts advises.
Apple is now preparing final patches for two zero-day vulnerabilities that a security firm says have been exploited by certain attackers to seize control of iPhone and iPad email apps, giving them access to users' messages.
The global pandemic has revealed a lot about the extended remote workforce and its haves and have-nots, says Mike Kiser of SailPoint Technologies. In a preview of an upcoming virtual roundtable, he describes the cybersecurity forces shaping the new post-crisis workforce.
Many governments are pursuing contact-tracing apps to combat COVID-19, but such projects risk subjecting populations to invasive, long-term surveillance - as well as insufficient adoption - unless they take an open, transparent and as decentralized approach, says cybersecurity expert Alan Woodward.
The U.S. Small Business Administration says a flaw in an online application portal may have exposed the personal data - including Social Security numbers - of approximately 8,000 loan applicants seeking help coping with the economic impact of the COVID-19 pandemic, according to news reports.
Cybercriminals are using spoofed messages and images from Zoom and Cisco WebEx as lures in new phishing campaigns that are designed to steal credentials or distribute malware, according to the security firm Proofpoint.
A new threat intelligence platform dedicated to COVID-19 malicious cyber activity is designed to help organizations defend themselves better, says Nick Espinosa of the COVID-19 Cyber Threat Coalition.
About 25,000 email addresses and passwords that are apparently for staff at the World Health Organization, the Gates Foundation, the U.S. National Institutes of Health and other organizations have been dumped online, according to the Washington Post.
IT services and consulting giant Cognizant is still assessing the damage from a ransomware attack on Friday. And it's warning that the incident is disrupting services to some of its clients and could affect the company's revenue.
In the age of COVID-19 - when staying as close to home as possible and trying to avoid touching anything in public that might spread coronavirus is the new normal - cash is out, and "contactless" payments are in, if you're lucky enough to be able to use them.
All contact-tracing apps for combating COVID-19 must be developed in an open and transparent manner, remain voluntary, be based on Bluetooth, and allow users to opt in, or else they risk making the global pandemic even worse, 200 of the world's leading scientists and researchers have warned.
TrickBot is the malware most commonly distributed in phishing emails that use the COVID-19 pandemic as a lure to entice victims to open up attached files or malicious links, according to Microsoft.
With $30 million in funding, Silicon Valley icons Jim Clark and Tom (TJ) Jermoluk launched Beyond Identity, a new identity management platform that promises "the end of passwords." Jermoluk discusses the technology and how this is a continuation of what he and Clark started 25 years ago.
CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.