American arts and crafts giant Hobby Lobby has exposed a large amount of customer data, including names, phone numbers, physical and email addresses, and the last four digits of payment cards, and the source code for the company's app, according to a security researcher known as "boogeyman," who discovered the leak.
In the current environment, it is wise to incorporate security into your software development lifecycle as early as possible. Historically, security checks were a pre-release gateway for a software team: if you passed, your product/service could go to production. At the same time, security checks used to require a code and environment freeze, while audit preparations led to chaos and a non-systematic approach in collecting important security documentation. All these elements led to a bottleneck for the project team. However, a long wait for security testing results is no longer an option since the typical project pace has significantly increased. Various project models suggest their own approaches for introducing security into software development.
Employees create content on a daily basis. Much of this content has no long-term value and is not business critical, however, a small percentage is key to running operations. If this data goes missing or falls into the wrong hands due to a ransomware attack, an organization could be severely wounded and could be at the risk of extinction.
Access to clinical applications and medical information in a digital healthcare environment is vital. Yet, careful consideration must be made to ensure data and systems are protected against unintended or malicious activities. Securing infrastructure and applications is essential and security professionals must not forget about the devices that facilitate, segregate and protect the network.
With the inception of privacy regulatory laws and associated penalties, it has become mandatory for organizations to take necessary steps in establishing and implementing a strong privacy risk management framework. Inadequate, or the lack of, a risk management framework may present numerous organizational risks.
A new study finds that one in four consumers admit to using their work email or password to log in to consumer websites and applications such as food delivery apps, online shopping sites and even dating apps.
Original research from CybelAngel takes a look at how cybercriminals plan healthcare-related fraud, ransomware and other attacks by obtaining stolen credentials, leaked database files and other materials from specialized sources in the cybercrime underground.
Among the “The State of API Security – Q1 2021” findings, 66% of organizations admit to having slowed the rollout of a new application into production because of API security concerns. In addition, 54% of organizations running production APIs have at best only a basic strategy for API security, with 27% having no strategy at all.
New research reveals 66% of home workers in the U.K. are potentially breaching GDPR regulations by printing work related documents at home, including meeting notes, contracts, commercial documents, payroll documents, CVs and more. Many are aware of GDPR rules, however, say they have no choice but to print such documents while working remotely.