Security News > 2024 > March
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and...
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double...
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the...
API integrations often handle sensitive data, such as employees' personally identifiable information, companies' financial information, or even clients' payment card data. Taking these measures will only grow in importance since more and more organizations are looking to build customer-facing API integrations.
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below -...
RiskInDroid is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. "A user should be able to quickly assess an application's level of risk by simply glancing at RiskInDroid's output, and they should be able to compare the app's risk with others easily," Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.
In this Help Net Security video, Chris Bowen, CISO at ClearDATA, emphasizes the importance of digital health companies being more transparent with their users. As more and more Americans flock to direct-to-consumer digital health apps and resources, most people don't know that the sensitive health data they share with these companies could be passed on to third parties or sold to data brokers without a single consent form.
To account for the ongoing evolution of digital threats, you need to implement robust governance control programs that address the current control environment and help you to prepare for the future risk environment. Building a robust governance control program is about agility and adaptation.
While 99% of companies have data protection solutions in place, 78% of cybersecurity leaders admit they've still had sensitive data breached, leaked, or exposed. "Today, data is highly portable. While AI and cloud technologies are igniting new business ventures that allow employees to connect, create, and collaborate, they also make it easier to leak critical corporate data like source code and IP," said Joe Payne, CEO of Code42.
Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed. LINE is a messaging app created by an offshoot of South Korea's NAVER - a Google-like web giant.