Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?
Google and Apple on Monday released privacy and security guidelines for their jointly developed contact-tracing infrastructure. The companies note that apps developed using their APIs can only be developed by or for public health authorities - and solely to collect information to trace COVID-19 infections.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.
APIs ubiquitous in the enterprise today, being exposed to customers, partners and applications. But because they are relied on so heavily, they also are targeted by cybercriminals.
There are more attacks over APIs than on traditional web channels primarily because it's simply easier to attack these...
As Google and Apple prepare to offer a jointly developed infrastructure for contact-tracing smartphone apps to help fight the COVID-19 pandemic, the Electronic Frontier Foundation, a privacy advocacy group, is raising concerns about the risks involved.
As the use of business-critical, cloud-based applications and tools continues to
increase, distributed organizations with multiple remote offices are switching
from performance-inhibited wide-area networks (WANs) to software-defined WAN
(SD-WAN) architectures. SD-WAN offers faster connectivity, cost savings,...
Over the past five years, a sophisticated spyware campaign has been targeting Android users through Trojan-laced apps in the Google Play store that are disguised as various plugins, browser cleaners and application updaters, according to Kaspersky researchers.
Less than 24 hours after the Australian government released its COVID-19 contact-tracing app Sunday, nearly 2 million people had downloaded it. As security and privacy experts review the app, one outstanding question is if the public will trust it enough to reach the public health target of 10 million users.
Many governments are pursuing contact-tracing apps to combat COVID-19, but such projects risk subjecting populations to invasive, long-term surveillance - as well as insufficient adoption - unless they take an open, transparent and as decentralized approach, says cybersecurity expert Alan Woodward.
The process of onboarding vendors has become complicated because of concerns about cybersecurity. To prevent data breaches caused by a third party vendor, security professionals demand that vendors demonstrate and maintain a strong cyber posture.
Effectively checking vendors' cyber posture can be extremely...
CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved.
Microsoft issued patches for three zero-day vulnerabilities as part of its most recent Patch Tuesday update. The software giant had previously warned users about two vulnerabilities in the Adobe Type Manager Library that were being exploited in the wild.
The U.K. government says it's prepping a contact-tracing app in an attempt to help contain COVID-19. But a leading cybersecurity expert argues that the proposal amounts to little more than "do-something-itis" and urges a focus, instead, on expanded testing as well as ventilator production.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
