A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.
Security researchers have found yet another unsecured database that left personal data exposed to the internet. In this latest case, a MongoDB database containing about 188 million records, mostly culled from websites and search engines, was exposed, researchers say.
Customer accounts are an integral tool to help merchants foster customer loyalty. But when login credentials are compromised, they present a unique opportunity for fraudsters to commit CNP fraud and steal customer PII. In 2018 alone, Account Takeover attacks resulted in over $11 billion in losses.
The fallout from...
Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings. Find out what other security experts have to say.
Passwords alone won't keep your business secure.
Even with strong passwords, attacks are more sophisticated - and persistent. Pairing passwords with additional technology and authentication factors is essential to keeping the business secure. But what type of authentication is right for your business?
Download the...
The traditional IAM strategy has been to tie individual users with a unique device. But that doesn't work in healthcare settings, where doctors and nurses often share multiple devices. Jigar Kadakia of Partners HealthCare talks about how he approaches this critical challenge.
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
Healthcare information is a prime target for malicious attackers because it has a high value on the black market, says Amanda Rogerson of Duo Security, who calls for adoption of a "zero trust" model to boost security.
Biometrics may be in fashion, but it's in part because users are ready, willing and able to use it to prove their identity, thanks to Apple, Samsung, Google and other players providing trustable hardware for verifying people's fingerprints and faces, says IBM Security's Neil Warburton.
Security professionals are hard-wired to focus on the technical aspects of cyber attacks during a breach response, but non-technical aspects are often deceptive and go overlooked. Identity can be a powerful tool to bolster your defenses - and the untapped market potential is huge.
Download this eBook to learn from...
By partnering with Ping Identity, Gates was able to bring the vision of a global authentication authority to life with advisory, configuration, deployment, and employee training.
Often in breach response, security professionals focus on the technical aspects of the attack. Yet, the non-technical aspects are often more insidious, says Teju Shyamsundar of Okta. And Identity can be a powerful tool to bolster defenses.
More organizations are deploying single sign-on mechanisms when they move to software-as-a-service applications to help enhance authentication and control access, says Moshe Ferber, chairman of the Israeli chapter of the Cloud Security Alliance.
Cloud computing has inherited security advantages when properly deployed, but the reality is that any fast-growing platform is bound to see a proportionate increase in incidents. Organizations are finding that they have to realign - and in some cases, reinvent - their security programs for this new reality.
This...
Gates Corporation CISO Sam Masiello on how they brought their vision of a global authentication authority to life with advisory, configuration, deployment, and employee training.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.