Security News > 2021 > May

In July 2018, when Guizhou-Cloud Big Data agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Apple, in 2018, announced iCloud data of users in mainland China would move to a new data center in Guizhou province as part of a partnership with GCBD. The transition was necessitated to abide by a 2017 regulation that required all "Personal information and important data" collected on Chinese users "Be stored in the territory."

Familiarize yourself with markers of specific vulnerabilities so that you can identify source code patterns as you come across them. In code analysis, "Sources" refer to a code component that allows for a vulnerability, and "Sinks" represent the places where the vulnerabilities occur.

While the need to protect the business against heightened risks has traditionally been an urgent matter, the sheer number of new threats means more time is being spent on immediately patching any issues, and day-to-day security tasks are often pushed aside. Security will always be disadvantaged when coming up against threats, because there are too many for organizations to combat.

New Zealand's Waikato District Health Board has been hit with a strain of ransomware that took down most IT services Tuesday morning and drastically reduced services at six of its affiliate hospitals. Phone lines went down and hospitals were forced to accept urgent patients only.

You'd think with all the recent discussion about consent, researchers would more carefully observe ethical boundaries. A group of researchers from the University of Minnesota not only crossed the line but ran across it, screaming defiantly the whole way.

Increasingly, businesses rely on algorithms that use data provided by users to make decisions that affect people. Do users, customers, employees, and others have a right to know how companies that use algorithms make their decisions? In a new analysis, researchers explore the moral and ethical foundations to such a right.

Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system's data and demands payment to restore access. To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics.

Google on Tuesday announced a new feature to its password manager that could be used to change a stolen password automatically with a single tap. Automated password changes build on the tool's ability to check the safety of saved passwords.

The global zero trust security market is projected to surpass $66,741. The global zero trust security market is expected to witness a positive growth in the estimated timeframe.

Security teams need to monitor IT asset health from a cybersecurity perspective by detecting security tool blind spots and responding to exposures quickly. "As an organization focused on Security Operations, we believe that 'you can't protect what you don't understand,' with understand being the key word. Hence, asset management in the security operations context isn't just 'seeing' an asset; it is having the right 'risk' context of each and every software, hardware and IoT asset at our fingertips," said Jatinder Pal Singh, director of security operations at Informatica.