Zoom will begin beta testing an end-to-end encryption feature in July that it plans to make available at no charge to all who use the paid or free version of its teleconference platform. It's also rolling out other new security features.
Google has removed more than 70 malicious Chrome extensions after researchers with security firm Awake Security discovered the extensions could be used to steal users' credentials and security tokens.
Many ethical hackers and other security professionals, such as penetration testers, have weaponized cloud platforms to host online attack infrastructure or have used the platforms to conduct reconnaissance, according security researchers at Texas Tech University.
Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
When organizations eventually allow employees to return to their offices after the COVID-19 crisis subsides, they may discover "more network intrusions, data exfiltration and data breaches," says U.K. cybercrime expert Andrew Gould, who implores organizations to report these incidents to authorities.
The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. Also featured: A ransomware risk management update; tips on disaster planning.
Britain's failure to contain COVID-19 - despite Prime Minister Boris Johnson promising a "world-beating" effort - now includes a failed digital contact-tracing app. A new version, built to work with Apple and Google APIs, may be released by winter. Really, what's the rush?
Digital transformation may have occurred over a weekend in March, but the effects will be felt - and secured - for years to come. How will global enterprises in 2021 validate identities, defend networks without perimeters and secure a permanent remote workforce? A panel of CEOs and CISOs shares strategies.
An Australian IoT alliance is developing a certification program designed to raise security standards for connected device manufacturers and give consumers more confidence that they're buying secure devices. The program, slated to start in September, could expand globally.
Measuring and communicating the value of a cybersecurity program is more important than ever. Colin O'Connor, COO of ReliaQuest, previews the topic for an upcoming virtual roundtable.
Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of internet-connected devices has 19 flaws that need fixing. Developer Treck has issued fixes, but how many vulnerable devices will end up patched?
Since the advent of the COVID-19 crisis, many enterprises have moved new workloads to the cloud. But have they been just as swift to adopt cybersecurity best practices in these multi-cloud environments? IBM's Limor Kessem analyzes a new cloud security study.
An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
The Trump administration's continued press against China snared an unintended victim: America's own influence over 5G standards development. But the U.S. Commerce Department says a new rule will free U.S. firms to work with any company, including China's Huawei, on developing new telecommunications standards.
A new research paper describes a side-channel attack technique that could enable hackers to eavesdrop on a conversation by tracking vibrations in a hanging ligh bulb.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.