Microsoft accidentally internet-exposed for three weeks 250 million customer support records stored in five misconfigured Elasticsearch databases. While the company rapidly locked them down after being alerted, it's an embarrassing gaff for the technology giant, which has pledged to do better.
The speed and complexity of software development is rapidly increasing. Development teams have little to no time to ensure these applications are secure, even while the biggest and most severe data breaches that have affected both the public and private sectors all operate at the application layer.
Ensuring your...
If your organization does software development in-house, there are a myriad of development workflows and processes to choose from. Some organizations still implement old-school waterfall development workflows; some are agile shops. In terms of process, some have adopted DevOps, and some integrate security testing into...
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent encryption; the cyberattack risks posed by IoT devices.
The security company Check Point has revealed several vulnerabilities in TikTok, the popular Chinese video app that has raised concerns lately from the U.S. military and lawmakers. The issues are fixed, and TikTok says it doesn't appear the issues were exploited for a breach.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
The U.S. Army reportedly is following the lead of the Navy in banning soldiers from using TikTok, a Chinese-made video sharing and social media app, on their government-issued phones.
Because open source components have known vulnerabilities, it's important for companies to invest in the right tools to help developers build the right applications, says Patrick Pitchappa of BNP Paribas banking group.
The user-friendly aspects of apps can enable malicious bots to infiltrate, says Eddie Doyle of Check Point Research, who offers insights on addressing the issue.
11 Best Practices to Minimize Risk and Protect Your Data
By now, we are all too aware of the consequences of a data breach:
Brand damage
Loss of customer confidence
Potentially costly litigation
Regulatory fines
However, most organizations are not as familiar with how to prevent these attacks. They still spend...
The Federal Bureau of Investigation warns that the photo-editing app FaceApp and other applications developed in Russia could be a "potential counter-intelligence threat" to the U.S.
Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.
An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
