"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.
Facebook says it has suspended tens of thousands of apps as part of its ongoing investigation into data misuse that grew out of the Cambridge Analytica scandal. The company won't disclose the affected apps, but an unsealed court filing says it has suspended 69,000.
Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 stolen payment card records have turned up in underground markets, says Gemini Advisory.
Deception technology has emerged as a hot practice - but not one that is necessarily on every enterprise's budgeting radar. Don Gray, CTO of PacketViper, talks about the emergence of deception technology and how security leaders can make the case - and find the budget - for its usage.
Identify and Block Unwanted Apps
Traditional app control is failing to do its job. Most modern firewalls are unable to see almost half of all network traffic, leaving parasitic apps to run unseen and unchecked. These apps steal resources, slow down legitimate activities and create security and compliance...
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - has security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
How do organizations know if their app and network security is sufficient to protect them from data breaches - or if their defenses are even working? Paul Dant of Arxan talks about the evolution of mobile/web app security.
Researchers at Kaspersky discovered malware hiding in advertising within a recent version of the popular CamScanner app for Android smartphones. Over the years, the app has been downloaded over 100 million times from the Google Play store.
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
Complex configurations don't mix well with rapidly spun-up components, and when your company uses multiple cloud providers to host your critical assets, the odds of a major security event get that much higher.
So how do you close visibility gaps and integrate conflicting datasets from different providers, and how...
Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, a demand the company ignored.
A flood of new technology is racing toward the financial services industry - most notably, increased automation for internal processes to improve margins, as well as the development of new software to create a complete and seamless customer experience in traditional, online, and mobile banking.
The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to security blogger Brian Krebs. First American spent $1.7 million on the incident in its second quarter, but investigations and lawsuits are looming.
The web, mobile, and API-based applications that power your digitally-connected organization are under attack by malicious automated bots and bad actors. Unfortunately, many of these attacks are undetectable by traditional security technologies. So how bad is the problem, and what can you do to protect yourself? ...