Google is notifying administrators and users of its business-oriented G Suite product that the company had been storing unhashed passwords for years because of a flaw in the platform. The company believes no customer data was leaked and that all passwords remained encrypted.
At this week's Information Security Media Group Fraud & Breach Summit in Bengaluru, India, national cybersecurity coordinator Lt. Gen. (retired) Rajesh Pant spoke about the challenges facing the country over the coming years.
There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. A database that was left online without password protection has since been taken down.
The Reserve Bank of India has called for a self-regulation approach for the fintech industry to help ensure data security. "There is a need for a self-regulatory governance framework to foster best practices on important aspects like security," an RBI official says.
The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.
Salesforce says it has nearly recovered from a botched database update that wiped out user permissions within its Pardot marketing management product on Friday. The error allowed Salesforce users access to previously restricted profiles.
After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices.
Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
To help security practitioners address their challenges, ISMG is hosting its Fraud & Breach Prevention Summit on May 21 at the Conrad Hotel in Bengaluru, which will offer expert insights on best practices. Among the speakers: Lt. Gen. (retired) Rajesh Pant, the national cybersecurity coordinator of India.
Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.
The majority of aircraft accidents occur during landing. And during bad weather or low-visibility, pilots are trained to entirely trust their instruments. But researchers say they can spoof wireless signals to a critical landing system, which could cause planes to miss runways.
The latest edition of the ISMG Security Report digs into the WhatsApp flaw that paved the way for spyware installation. Also: Microsoft patches old operating systems and a 'virtual CISO' sizes up security challenges.
Data localization would increase costs to cloud service providers and change the services available for consumers, says Venkatesh Krishnamoorthy, country manager, India, for BSA, who calls for minimizing regulatory burdens.
Keeping organizations safe from attackers and staying one step ahead of them is a tough proposition, and hence identifying threats accurately with integrated user behavioral analytics and artificial intelligence makes tremendous sense as this can save invaluable investigation time.