After auditing the security of Helpdesk Software solution Deskpro in accordance with the company's Responsible Disclosure Bug Bounty Program, the Checkmarx Security Research Team discovered a severe cross-site scripting (XSS) issue that can be exploited multiple ways.
New research from Tessian finds that almost one-third of people have fallen victim to a cyber romance scam, posing a new warning: don’t get cat-phished this Valentine’s Day.
In today’s world, business process automation solutions are considered the fastest-growing segment on the global enterprise software market. However, both business owners and frequent users alike often express their doubts about the capability of automation tools to operate at the proper level required by enterprise data security, especially with many employees working from home due to the pandemic.
The COVID-19 pandemic has sparked a unique convergence of security and health, and it’s up to security leaders to keep up and even drive that transformation for their organizations. One of the biggest facility management takeaways from the pandemic has been the need for flexibility within building infrastructures. Thoughtfully implemented solutions and strategies within repurposed spaces will not only safeguard buildings from traditional intruder threats, but also promote a healthy environment for employees and occupants.
Security ratings or cybersecurity ratings are a data-driven, objective, and dynamic measurement of an organization's security posture and cybersecurity performance. To learn more about the benefits of security ratings, we speak to Christos Kalantzis, Chief Technology Officer at SecurityScorecard.
INKY processed 656,954,951 emails in 2020. From this data, they ranked the top 25 most-phished brands during 2020. In round numbers, that’s two-thirds of a billion.
Lookout, Inc. announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The Lookout Threat Intelligence team believes these campaigns are connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well as file and directory listings. The surveillanceware targets personnel linked to Pakistan’s military and nuclear authorities and Indian election officials in Kashmir.
As 5G technology continues to be rolled out worldwide—providing latency of a mere 1 millisecond—it is critical that information security professionals become familiar with 5G system architecture and security architecture, as well as the risks that come with implementing new cellular technologies. ISACA’s new white paper, 5G Security: Addressing Risk and Threats of Mobile Network Technologies, explores these topics, and compares 5G technology with 4G and previous generation cellular technologies.
COVID-19 wasn’t the only thing to sweep the globe in 2020 — the year also brought a wave of privacy legislation. Major players, including Brazil, Canada and China, all introduced privacy legislation that closely aligns with the EU General Data Protection Regulation. And in the U.S., California debuted the highly anticipated California Consumer Privacy Act (CCPA) and quickly followed up by approving the California Privacy Rights Act of 2020 (CPRA), which modifies the existing CCPA obligations and introduces new ones. So, what’s in store for 2021?
Your next home will be connected in creepy ways. It will take a while, but eventually every machine and device in your house will talk to everything else, and Consumer Electronic Show (CES)-born inspiration will be at their roots. From e-toothbrushes to connected e-toilets that can detect a health issue (Really!), the items in your home will be controlled via the internet and will be everywhere. But what does that mean for security?
RSS
