Mitsubishi Electric says hackers exploited a zero-day vulnerability in its anti-virus software, prior to the vendor patching the flaw, and potentially stole trade secrets and employee data. The Japanese multinational firm announced the breach more than six months after detecting it in June 2019.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
One gaping hole in the U.S. government's push to counter Chinese-built 5G telecommunications gear remains the lack of alternatives. But a bipartisan group of senators is seeking to create a $1 billion fund to create trusted, Western-built options.
A new Princeton University research paper finds that five major U.S. prepaid wireless carriers are leaving their customers open to SIM swapping attacks. The main culprit is weak account authentication procedures that attackers can easily exploit.
The British government continues to delay deciding whether it will ban Chinese networking gear from its national 5G rollout, as the Trump administration demands. But with future trade deals on the line as the U.K. navigates its "Brexit" from the EU, Britain cannot afford to anger either Beijing or Washington.
U.S. Attorney General William Barr is ratcheting up the pressure on Apple to unlock two iPhones belonging to a Saudi national who carried out a deadly shooting in December. The attorney general is labeling the shooting as an act of terrorism and says Apple is hampering a counterterrorism investigation.
Microsoft this week issues the final, free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2. But with one-third of all PCs continuing to run Windows 7, experts are urging organizations to immediately move to a more modern operating system.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
A flaw in a Broadcom chip built into many cable modems means hundreds of millions of the devices are vulnerable to a buffer overflow exploit, dubbed Cable Haunt, that attackers can use to take full control of a modem, researchers say. Only some ISPs have begun pushing firmware updates to fix the flaw.
The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent encryption; the cyberattack risks posed by IoT devices.
Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation. Globally, however, 26,000 MicroTik routers reportedly remain infected with the stealth monero-mining code.
The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption.
Private equity firm Insight Partners plans to acquire yet another security company: This time it's IoT security startup Armis. Find out the substantial value of the all-cash deal.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
