Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
IoT devices and applications often use a range of components, including third-party libraries and open source code. Steve Springett, who created Dependency-Track, explains how to reduce risk and keep third-party code up to date.
Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
To be the first to bring a ground-breaking treatment or vaccine to market, pharmaceutical organisations need employees to stay productive whether no matter where they are or what device they're using t. But this greater connectivity is exposing your critically important intellectual property (IP) to countless mobile...
Despite a Thursday deadline that would have forced China-based ByteDance to shut down its TikTok video-sharing app in the U.S., the Commerce Department will allow the company to continue its American operations for now as various court cases continue.
The purpose of the Application Security in the DevOps Environment study, sponsored by HCL Software, was to better understand the state of organizations' ability to quickly prioritize and repair vulnerabilities in their applications.
Download the results drawn from 626 IT security, quality assurance and development...
India's payments-processor regulatory body has given the final go-ahead to roll out WhatsApp's processing payment services to 20 million users across the country, the agency and parent company Facebook announced. The approval comes after the social media giant applied for permission in 2018.
Apple issued an update for iOS and iPadOS on Thursday that fixes three zero-day flaws found by Google's Project Zero bug-hunting team and a range of other security-related flaws. Google says the bugs are being exploited by attackers but haven't been used in election-related cyber activity.
As with any technology, cloud security vendors tout a wide range of attributes and features. It's often hard to distinguish between what's worth considering and what's simply noise. Here are 15 points to keep top-of-mind while evaluating solutions and determining the best fit for your organization.
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
The FBI has issued a flash alert warning that unidentified threat actors are actively targeting vulnerable SonarQube instances to access source code repositories of U.S. government agencies and private businesses.
CISA and Oracle are urging users to apply an emergency patch for a vulnerability in the software giant's WebLogic Server product. This "severe" bug is already under active exploitation and could allow an attacker to run malicious code, security experts say.
Researchers at Kaspersky have uncovered several fresh variants of GravityRAT spyware that are now capable of attacking not only Windows but also Android and macOS devices. The malware is mainly targeting victims in India.