Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
To help security practitioners address their challenges, ISMG is hosting its Fraud & Breach Prevention Summit on May 21 at the Conrad Hotel in Bengaluru, which will offer expert insights on best practices. Among the speakers: Lt. Gen. (retired) Rajesh Pant, the national cybersecurity coordinator of India.
Facebook is warning users of its WhatsApp messaging app to update immediately to fix a flaw that is being used to remotely install Pegasus surveillance software from Israel's NSO Group. WhatsApp says a "select number" of targets were hit by the attacks, which it has blamed on "an advanced cyber actor."
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
The Reserve Bank of India is proposing that financial technology firms be allowed to test new products and services that might require the relaxation of certain compliance regulations in what's called a "regulatory sandbox" approach.
Google is facing questions from Congress about Sensorvault, its database that stores the geolocation data of millions of Android users, which has sometimes been shared with police as part of criminal investigations.
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
Ex-black hat Alissa Knight recently joined Aite Group's new cybersecurity practice, and among her first tasks: a hard look at the security of major financial institutions' mobile banking apps. The results may surprise you.
An "Asian female" has been arrested for attempting to access President Donald Trump's Mar-a-Lago club while he was staying there, claiming she wanted to use the pool. Prosecutors say the apparent Chinese national was carrying a USB thumb drive containing "malicious software" - and had no swimsuit.
Smartphone security is paramount for certain scenarios, but software based encryption has been shown to be insufficient. Mike Fong, founder and CEO of Privoro, demonstrates a hardware based solution to smartphone encryption
As the new director of mobile security strategy for Google, Eugene Liderman is focused on redefining the strategy and dispelling old security myths. He outlines the approach in this exclusive interview.
More than half of 250 anti-virus applications available in Google's Play Store offer insufficient protection against malicious software, according to a new study by testing firm AV Comparatives. One clear takeaway for all Android anti-virus users: Select products carefully.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.