Last week, Chinese telecom equipment maker Huawei offered the Indian government a "no backdoor" agreement. But the government urgently needs to set up test beds to check equipment imported not only from China but also other nations to ensure their security as the nation prepares for 5G.
Iran is increasing its malicious cyber activity against the U.S, which could manifest in attacks that render computers unusable, a top U.S. cybersecurity official says. The warning comes after the U.S. reportedly targeted Iranian computer systems in response to the downing of a surveillance drone.
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path.
Keeping organizations safe from attackers and staying one step ahead of them is a tough proposition, and hence identifying threats accurately with integrated user behavioral analytics and artificial intelligence makes tremendous sense as this can save invaluable investigation time.
The indictment of two Chinese men for a 2014 cyberattack on health insurer Anthem that compromised information on nearly 80 million individuals contains extensive details about the incident that security professionals can use to help with their breach prevention strategies.
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.
Citrix says the data breach it first disclosed in early March appears to have persisted for six months before it was discovered and the hackers were ejected. In an ironic twist, the company sells the very products that might have blocked recent credential stuffing and password spraying attacks against it.
Access risk: Security leaders understand their governance and technology challenges. But addressing them with new automated tools - and selling these new processes within their organizations? Those are the problems attendees attempted to solve at a recent dinner in Philadelphia.
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
How well can banking institutions apply the right amount of security to the right transactions at the right time? Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.