An Australian software engineer warns that he was able to create a fake digital COVID-19 vaccine certificate via the government's Express Medicare Plus app, and that the agency in charge has so far failed to acknowledge his bug report. He recommends Australia instead copy the EU's QR code system.
The U.S. Securities and Exchange Commission sanctioned eight financial firms for alleged failures related to cybersecurity policies and procedures, each stemming from email account takeovers and related incident response, the regulator announced this week.
The White House is ordering U.S. agencies to improve their logging capabilities to better track when attackers target their networks and data. The initiative addresses security issues outlined in President Biden's recent cybersecurity executive order.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.
John "Chris" Inglis says one of his first priorities as national cyber director within the White House is focusing on issues of cyber resiliency. Battling ransomware and coordinating government responses with the private sector are also top issues he's tackling.
The World Bank has launched a cybersecurity fund for low- and middle-income nations to support public sector efforts to conduct cybersecurity maturity assessments, offer technical assistance and support training and staff development.
FINRA (The Financial Industry Regulatory Agency) is a not-for-profit organization that regulates one critical part of the securities industry: brokerage firms doing business with the public in the United States. FINRA enables investors and firms to participate in the market with confidence by safeguarding its...
Following a breach of some of its servers in January 2020, the U.S. Census Bureau failed to follow standard cybersecurity practices, including properly maintaining logs of the incident to assist in an investigation, according to an inspector general's report made public this week.
On one hand, rapid cloud migration has been a boon to financial services organization. But it's also exposed some security weaknesses. Mark Guntrip of Menlo Security days it's time to "defend differently," and the zero trust model is one critical element of that new approach.
While smart card standards remain prevalent throughout the federal government, the need to move beyond PIV and CAC for authentication has never been greater, especially with the proliferation of mobile devices.
Additionally, in Zero Trust environments that agencies are building, the diversity and number of...