Password manager LastPass has deployed a server-side fix to repair a vulnerability that could have allowed an attacker to steal a victim's passwords. It's the latest finding from Tavis Ormandy of Google's Project Zero, who's since reported another flaw in LastPass.
RBI has mandated that all banks migrate to Aadhaar-based biometric authentication for electronic payment transactions by June 30. But some information security experts question whether the the technology can handle the potential volume of transactions.
A coding error by Cloudflare exposed data relating to more than 2,500 Singapore websites owned by various organizations in private and public sectors. SingCERT has issued a related security advisory with mitigation steps, but do such alerts prompt action?
The technology and know-how exists to build a hack-proof computer, but doing so won't be easy, says Howard Shrobe, principal research scientist at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory.
The Russian government appears to be doubling down on its information warfare success to date, publicly confirming that it has a "cyber army" designed to wage psychological operations and propaganda campaigns. While there are defenses, too few are using them.
Attackers are increasingly targeting mobile channels, driving banks to seek better ways of verifying the authenticity and integrity of not just users, but also mobile devices and transactions, says John Gunn of cybersecurity technology firm Vasco Data Security.
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Yet another study reveals that millions of people are picking weak passwords, with "123456" remaining our collective favorite. Rules requiring stronger passwords and not forcing passwords to expire both could help boost security.
Seven state insurance commissioners conclude in a new in-depth report that the massive cyberattack on Anthem Inc. was carried out by a hacker on behalf of a nation-state. But they stop short of naming the nation involved or penalizing Anthem for the breach that affected 80 million.
Will more "historical" breaches be revealed in 2017 and beyond? Data breach expert Troy Hunt is optimistic that such revelations will become rare as large businesses operating online continue to improve security. But what about small and mid-size organizations?
In this special edition of the ISMG Security Report, DataBreachToday Executive Editor Mathew Schwartz discusses the Russian groups behind damaging hacks against the U.S. and Strategic Cyber Ventures CEO Tom Kellermann details cyberthreats posed by the West's nation-state adversaries.
Hacks sponsored by nation-states and attacks fueld by IoT-powered botnets are just some of the daunting threats we will see in 2017, says cybersecurity thought leader Tom Kellermann. What are his top predictions, and how should security leaders respond?
A network tap (Test Access Port) is an inexpensive and permanent access port used throughout the network to enable monitoring and analysis without interrupting data transmission. With so many network taps available on the market, you have to ensure you have the best technology and value for your deployment by...
The emergence of contactless chip payments on mobile phones is changing the way transactions are authenticated and secured, Jeremy King of the PCI Security Standards Council explains in this audio interview.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.