Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
IoT devices and applications often use a range of components, including third-party libraries and open source code. Steve Springett, who created Dependency-Track, explains how to reduce risk and keep third-party code up to date.
Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals.
To be the first to bring a ground-breaking treatment or vaccine to market, pharmaceutical organisations need employees to stay productive whether no matter where they are or what device they're using t. But this greater connectivity is exposing your critically important intellectual property (IP) to countless mobile...
2020 was a year of challenges for businesses of all varieties. Organisations that hadn't yet begun their digital transformation were left with no option but to adapt and adapt quickly, while others felt the urgency to accelerate the shift to digital and move to the cloud for more flexibility. Adding to that mounting...
Despite a Thursday deadline that would have forced China-based ByteDance to shut down its TikTok video-sharing app in the U.S., the Commerce Department will allow the company to continue its American operations for now as various court cases continue.
The purpose of the Application Security in the DevOps Environment study, sponsored by HCL Software, was to better understand the state of organizations' ability to quickly prioritize and repair vulnerabilities in their applications.
Download the results drawn from 626 IT security, quality assurance and development...
Apple issued an update for iOS and iPadOS on Thursday that fixes three zero-day flaws found by Google's Project Zero bug-hunting team and a range of other security-related flaws. Google says the bugs are being exploited by attackers but haven't been used in election-related cyber activity.
When software is everywhere, everything becomes an attack surface. The root cause of many successful cyberattacks lies primarily in vulnerable software itself. The real question that needs to be asked is, "Can the industry do a better job of writing more-secure code, making software applications nearly impenetrable to...
A recently identified hacking group dubbed UNC1945 used a never-before-seen zero-day vulnerability in the Oracle Solaris operating system to target corporate networks and plant malware, according to FireEye Mandiant. This threat actor is known to focus on telecom, financial and consulting firm targets.
The FBI has issued a flash alert warning that unidentified threat actors are actively targeting vulnerable SonarQube instances to access source code repositories of U.S. government agencies and private businesses.
CISA and Oracle are urging users to apply an emergency patch for a vulnerability in the software giant's WebLogic Server product. This "severe" bug is already under active exploitation and could allow an attacker to run malicious code, security experts say.
Security has never been easy. In today's dynamic environment of users, applications, endpoints and networks, security solutions have become more complex and siloed.
And while investments in security increase, vulnerabilities and breaches continue to grow exponentially.
Download whitepaper to learn more.
Banking institutions are seeing a significant spike in multi-channel financial crimes. But Duncan Ash and Julio Gomez of Splunk say data and analytics can be key differentiators in the effort to protect sensitive financial data.