O Me, O My! Android O and Its Impact on the Enterprise
As the summer winds down, the next big wave of mobile OS updates is upon us — a seasonal trend that brings about excitement and positive change for both consumers and security leaders. With Google Android O version 8.0 set for imminent release, we’ve lined up some new features to look out for in the…
Google Inviting 2-Step Verification SMS Users to Google Prompt
Google this week will start inviting 2-Step Verification (2-SV) SMS users to try Google Prompt, its year-old method of approving sign-in requests on smartphones. Launched in June 2016, Google prompt allows users to approve sign-in requests via 2-SV by simply tapping “Yes” on a prompt. Available for both Android and iOS users, Google prompt received…
Apple Builds Data Center in China, Promises No Backdoors
Apple on Wednesday announced the establishment of its first China-based data center in an effort to improve its services in the region and comply with recently implemented regulations, but the tech giant has promised not to build any backdoors into its systems. The new data center is located in China’s Guizhou province, which Apple selected…
Addressing major application vulnerabilities with the Qualys Cloud Platform
In this podcast, Vikas Phonsa, Director of Product Management, Web Application Firewall, Qualys, talks about the application security space in general, the challenges of securing web applications and how the comprehensive applications security portfolio offered by Qualys can help the security teams by simplifying application security.
Personal Details of 117,000 AA Shoppers Exposed
The Automobile Association (AA) — the UK’s largest motoring organization with over 15 million members — is being heavily criticized over its public handling of a major data incident that occurred in April. A server misconfiguration exposed personal details of more than 100,000 AA Shop customers; but its importance has been consistently downplayed by the organization….
Microsoft Forces Users to Review Windows 10 Privacy Settings
Windows 10 users who haven’t installed the Creators Update will soon be notified to review their privacy settings and to install the latest feature update to remain secure, Microsoft announced. Microsoft has been criticized for its Windows 10 data collection practices, and the French National Data Protection Commission (CNIL) recently served the company a formal notice to…
Hacking Factory Robot Arms for Sabotage, Fun & Profit
Black Hat talk will discuss how hackers could take over robotic arms, create micro-defects in products, and open up a new world of subtle blackmail. Security researchers have been accumulating a trove of breakthrough discoveries on Industrial Internet of Things (IIoT) vulnerabilities and releasing them at the Black Hat Briefings over the last few years…
Social media is a cybersecurity risk for business
By itself, social media might not constitute a cyberthreat but once again, employees who ignore best practices around security are making it easy for scammers. It’s even been described as the perfect hunting ground for illegal activity. Social media has also turned into a dandy reconnaissance tool that cybercriminals use to socially engineer their victims. When someone neglects their privacy settings or publicly posts personal notes and photos, they can leave cybercriminals free to use their information…
The quest for a more secure Dropbox alternative
If you use Dropbox, Google Drive, or Yandex.Disk, then you have no doubt appreciated the convenience of always having all of your important files handy on any device. A file can be shared with friends or coworkers in a second. However some find the data security on these popular services lacking, worrying that unauthorized people…
Mobile app developers: Make sure your back end is covered
Application security isn’t just a developer’s problem. IT staff and the security team also have roles to play in setting up the infrastructure and implementing security controls. When IT administrators forget the security basics for the app’s back-end servers, they undermine the developer’s good security decisions. Researchers at mobile security company Appthority recently analyzed apps…