The U.S. Commerce Department is banning the downloading and hosting of China-based social media apps TikTok and WeChat effective on Sunday, citing national security concerns. The announcement comes as Oracle continues to negotiate a deal for partnering on TikTok's U.S. operations.
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
According to analysts, adaptive authentication is at the top of the list of authentication investments for banks - and for good reason.
Download this white paper to learn how financial institutions are using this technology to drive growth and improve customer retention.
Learn how to:
Foster growth by building more...
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Pike13, a tech company that delivers cloud-based client management software, gives gyms and yoga studios a simple interface to handle daily administrative tasks. The all-in-one platform enables fitness providers to manage staff and clients, including payroll, scheduling and communications.
Pike13 is one of the...
Organizations are increasingly turning to containers and Kubernetes to improve the efficiency and scalability of software development efforts. Containers introduce new security issues, highlighting the need for container specific security tools.
Download this whitepaper to learn why organizations must balance the...
Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
Gartner has recognized Splunk as a Visionary in the Magic Quadrant for Application Performance Monitoring (APM). We believe this first-time placement in the research reflects the market-leading APM capabilities from Splunk, the Data-to-Everything Platform, including Splunk Enterprise, and Splunk IT Service...
An advertising software development kit called Mintegral that's embedded in 1,200 iOS apps misattributes ad clicks and logs potentially sensitive app data, security firm Snyk alleges. But Apple says there's no evidence the SDK is harming users.
Freepik Co. says an SQL injection attack led to the leak of 8.3 million email addresses and 3.7 million hashed passwords for users of its Freepik graphic resources app and Flaticon icon database platform.
To build a successful vulnerability disclosure program, avoid thinking of it as quick-fix "bug bounty Botox," and instead focus on building positive relationships with the security community, hiring top-notch talent and "building a sustainable ecosystem," says Luta Security's Katie Moussouris.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Applications support organizations' most strategic business processes and access their most sensitive data. Yet application security continues to receive less budget and attention than network security.
Why is this? It can't be for lack of awareness? Weekly headlines remind security experts and business leaders...
Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it's important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that...
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
