The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Facebook says it will soon issue a patch for a bug in its WhatsApp messenger application that can circumvent a security feature launched just last month for Apple devices. The flaw could let someone with physical access to a device bypass Face ID and Touch ID.
Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime. Apple says it compensated the teenager who reported the FaceTime flaw and gave him an extra gift toward his tuition.
A U.K. bank says no customers lost money after cyberattackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. Such attacks involve unauthorized tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.
Radio controllers used in the construction, mining and shipping industries are vulnerable to hackers, Trend Micro says in a new report. To address the issue, researchers say, manufacturers need to move away from proprietary communication protocols and embrace secure standards, such as Bluetooth Low Energy.
The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S. private sector to better defend itself against nation-state hackers and others who may be trying to steal their sensitive data or wage supply chain attacks.
The embrace of Bring Your Own Device (BYOD) programs by employers and employees, which is transforming workplaces everywhere, brings with it a complex mix of benefits, costs and risks.
This is the summary of key findings from a recent survey conducted by Corporate Counsel Business Journal and AccessData, to explore...
The lack of strong encryption in Philips' HealthSuite Health Android app leaves the mobile health software vulnerable to hacking, according to a new advisory issued by the medical device manufacturer and an alert from the Department of Homeland Security.
What's the outlook for moving from awareness to action when it comes to medical device cybersecurity? Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, offers an assessment.
Consumer organizations in seven countries plan to file complaints alleging that Google is violating the EU's General Data Protection Regulation via its location, web and app activity tracking, in what could be a blow to the search giant's lucrative but data-hungry targeted advertising business.
The FDA's recently issued draft document updating its premarket medical device cybersecurity guidance originally issued in 2014 contains several important provisions, says regulatory attorney Yarmela Pavlovic, who explains the details.
Once again, a supposedly secure service allegedly marketed to criminals has proven to have limits. Dutch police have busted a "cryptophone" operation, allowing them to decrypt more than 258,000 encrypted chat messages, leading to a drug lab bust, 14 arrests and the seizure of cash, drugs and weapons.
Email is Insecure
Boards of directors need effective communication and collaboration in order to reach their goals and fulfill the mission of the organization. Unfortunately, this puts corporate secretaries, general counsels and main board administrators under a lot of pressure to manage, secure and govern board...
Organizations are focused on protecting traditional devices - laptops, desktops - but at each one of those endpoints is a user who has at least one and typically more than one mobile device. You may also have devices in the field to interact with customers and prospects or use IoT tools. This means that about half of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
