Top

Category: Security


Access control, Security

The double-edged sword of zero trust

February 19, 2024

Via: Help Net Security

In an era defined by relentless cyber threats and evolving attack vectors, traditional security models are proving increasingly inadequate to safeguard sensitive information. Unlike conventional systems that often rely on perimeter defenses, zero trust adopts a more discerning philosophy, treating […]


Network security, Security

Chrome is getting a big privacy and security boost from Google to help safeguard your home network

February 19, 2024

Via: TechRadar

Google Chrome is getting an upgrade that will help safeguard devices connected to a private or home network. Google outlined its plans in a post on its Chrome Platform Status page, explaining that the new feature will behave as a […]


Application security, Security

Mitigating AI security risks

February 15, 2024

Via: The Register

It has become possible to swiftly and inexpensively train, validate and deploy AI models and applications, yet while we embrace innovation, are we aware of the security risks? Because it’s not just the good guys who use AI – bad […]


Network security, Security

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

February 14, 2024

Via: The Register

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]


Data loss, Network security, Threats & Malware

Jet engine dealer to major airlines discloses ‘unauthorized activity’

February 12, 2024

Via: The Register

Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]


Access control, Security

A Question of Identity: The Evolution of Identity & Access Management

February 9, 2024

Via: SecureWorld

The cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure “Anytime, Anywhere, Authorized” access to protect enterprise security and privacy. […]


Application security, Security

Rust can help make software secure – but it’s no cure-all

February 8, 2024

Via: The Register

Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won’t fix […]


Privacy protection, Security

Businesses banning or limiting use of GenAI over privacy risks

February 5, 2024

Via: Help Net Security

Privacy is much more than a regulatory compliance matter. Findings from a new Cisco study highlight the growing Privacy concerns with GenAI, trust challenges facing organizations over their use of AI, and the attractive returns from privacy investment. “Organizations see […]


Application security, Security

Managing the hidden risks of shadow APIs

February 2, 2024

Via: The Register

Application programming interfaces (APIs) play a significant role in today’s digital economy, but at the same time they can also represent a data security vulnerability. While APIs serve as building blocks to modern app development, their proliferation and sprawl have […]


Privacy protection, Security

Cyber and Privacy Risks for Real Estate Enterprises

January 31, 2024

Via: SecureWorld

Cyber risk is an existential issue for companies of all sizes and in all industries. The integration of technology and automation, and related collection, use, and sharing of information into everyday business practices presents an enormous opportunity for efficiency and […]


Network security, Security

Wait, security courses aren’t a requirement to graduate with a computer science degree?

January 26, 2024

Via: The Register

There’s a line in the latest plea from CISA – the US government’s cybersecurity agency – to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA […]


Privacy protection, Security

Essential questions for developing effective human rights policies

January 26, 2024

Via: Help Net Security

Growing environmental, social, and governance (ESG) expectations and expanding global regulation are propelling organizations to consider implementing a stand-alone human rights policy, according to Gartner. Public focus on human rights Shareholder proposals and media reports continue to put human rights […]


Access control, Security

1Kosmos BlockID 1Key secures users in restricted environments

January 25, 2024

Via: Help Net Security

1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]


Network security, Security

GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection

January 24, 2024

Via: The Register

The idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already debunked. However, an article published today by the UK National Cyber Security Centre (NCSC) suggests there is a “realistic possibility” […]


Privacy protection, Security

CISA Director Says Americans Should Be Confident Elections Are Secure

January 23, 2024

Via: SecureWorld

Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), told MSNBC’s Andrea Mitchell in a January 19th segment that “the American people should have confidence in the election process” in 2024 and beyond, despite concerns over AI […]


Privacy protection, Security

US agencies warn made-in-China drones might help Beijing snoop on the world

January 19, 2024

Via: The Register

Two US government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), warned on Wednesday that drones made in China could be used to gather information on critical infrastructure. “The People’s Republic of China (PRC) […]


Access control, Security

IT consultant fined for daring to expose shoddy security

January 19, 2024

Via: The Register

A security researcher in Germany has been fined €3,000 ($3,300, £2,600) for finding and reporting an e-commerce database vulnerability that was exposing almost 700,000 customer records. Back in June 2021, according to our pals at Heise, an contractor identified elsewhere […]


Cloud security, Security

Enter the era of platform-based cloud security

January 18, 2024

Via: The Register

Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]


Network security, Security

Nokia walks the walk about its RAN to play on Uncle Sam’s China fears

January 17, 2024

Via: The Register

A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in the USA this week tells a bigger story about Washington’s paranoia regarding the security of […]


Application security, Security

Beware, all Windows and Mac devices possibly at risk – dangerous Opera security flaw could have allowed hackers to run any file they want

January 16, 2024

Via: TechRadar

Opera, a popular Chromium-based browser, was found carrying a vulnerability that would allow hackers to install pretty much any file on both Windows and macOS operating systems. The vulnerability was discovered by cybersecurity researchers from Guardio Labs, who notified the […]