SideStepper vulnerability can be used to install malicious apps on iOS
Check Point researchers have identified SideStepper, a vulnerability that can be used to install malicious apps on iPhones and iPads to steal login credentials and sensitive …
Hackers breaching law firms for insider trading info
Two of the most prestigious law firms in the US, best known for their financial services and corporate practices, have had their computer networks compromised by hackers. …
Consumers living in smart homes are willing to sell personal data
A majority of respondents worldwide might be willing to share their personal data collected from their smart home with companies in exchange for money, and 70 percent agree …
Linux security isn’t enough to stop data breaches
There is a difference between the security of an operating system and the security of the data created, which is edited and manipulated by people and saved on the operating …
NIST security standard to protect credit cards, health information
For many years, when you swiped your credit card, your number would be stored on the card reader, making encryption difficult to implement. Now, after nearly a decade of …
Student bypasses Valve’s review process, publishes game on Steam
Sometimes the only way to get an organization to listen to you when it comes to existing vulnerabilities in their products is to exploit them yourself and make the proof of …
1,400+ vulnerabilities found in automated medical supply system
Security researchers have discovered 1,418 vulnerabilities in CareFusion’s Pyxis SupplyStation system – automated cabinets used to dispense medical supplies …
Commonly used IoT devices vulnerable to privacy theft
A technical investigation by Bitdefender has discovered that four commonly used Internet of Things (IoT) consumer devices are vulnerable to attack. The analysis reveals that …
Carders use custom built POS malware to hit US retailers
Crypto-ransomware might be the most prominent type of malware these days, but that doesn’t mean that criminals have stopped using other kinds. According to FireEye …
Container security for enterprise computing
The largest pain-point today for organizations moving to a container strategy is that containers are being adopted and managed by developers. Operations and security do not …
Add IRM, data security and encryption to any app
Vera launched its new IRM-as-a-Service (IRMaaS) product, allowing developers to use Vera’s data security platform to build encryption, tracking, policy enforcement, and …
New alerts for Gmail users targeted by state-sponsored attackers
Since 2012, Google has been warning Gmail users when they have been targeted by state-sponsored attackers, but now the alert will be even more visible (and therefore less …
Featured news
Resources
Don't miss
- Building cyber resilience in banking: Expert insights on strategy, risk, and regulation
- CISO vs. CIO: Where security and IT leadership clash (and how to fix it)
- Why a push for encryption backdoors is a global security risk
- Innovation vs. security: Managing shadow AI risks
- Commix: Open-source OS command injection exploitation tool