Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Facebook says it will soon issue a patch for a bug in its WhatsApp messenger application that can circumvent a security feature launched just last month for Apple devices. The flaw could let someone with physical access to a device bypass Face ID and Touch ID.
What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.
Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime. Apple says it compensated the teenager who reported the FaceTime flaw and gave him an extra gift toward his tuition.
A U.K. bank says no customers lost money after cyberattackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. Such attacks involve unauthorized tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
Despite early indications that India would not use technology from Chinese telecom giant Huawei in its program to build a 5G network, because of security concerns, many security experts now predict the government likely will reverse itself and allow the use of that technology to help hold down costs.
Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.
Radio controllers used in the construction, mining and shipping industries are vulnerable to hackers, Trend Micro says in a new report. To address the issue, researchers say, manufacturers need to move away from proprietary communication protocols and embrace secure standards, such as Bluetooth Low Energy.
The recent exposure of customer data on the website of Singapore Airlines as a result of a software bug is further evidence of the persistent challenge of adequately addressing security during the development stage.
On Wednesday, just days after a new "cybersecurity" law took effect, Vietnam alleged that Facebook has violated the law by allowing users to post anti-government comments on the platform. The so-called cybersecurity law actually speaks little about IT security measures.
The recent Black Hat Europe conference in London touched on topics ranging from combating "deep fake" videos and information security career challenges to hands-on lock-picking tutorials and the dearth of research proposals centered on deception technology.
The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S. private sector to better defend itself against nation-state hackers and others who may be trying to steal their sensitive data or wage supply chain attacks.