Security News
Network engineers and CIOs agree that cybersecurity issues represent the biggest risk for organizations that fail to put networks at the heart of digital transformation plans. According to a research commissioned by Opengear, 53% of network engineers and 52% of CIOs polled in the U.S., U.K., France, Germany, and Australia rank cybersecurity among the list of their biggest risks.
New South Wales, Australia's most populous state, launched its DDL program in 2019, and as of 2021 officials there said that slightly more than half of the state's eight million people use the "Service NSW" app that displays the DDL and offers access to many other government services. "The DDL is hosted securely on the new Service NSW app, locks with a PIN and can be accessed offline. It will provide additional levels of security and protection against identity fraud, compared to the plastic driver licence," NSW Minister for Customer Service Victor Dominello said in 2019 when the service launched.
Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but the exploit is generalizable.
Organizations across every industry are experiencing a wave of innovation driven by digital transformation and the significant volume and diversity of devices coming online. Not all of these devices are built with security in mind which subsequently opens up organizations to new vulnerabilities and risks.
Despite banks working to improve online security protocols, consumers must also do their part in taking advantage of enhanced security features to keep their accounts safe. Since banks strive to make the digital banking experience as intuitive and frictionless as possible for users, this can also present an opportunity for hackers to access unwitting consumers' bank accounts.
The vulnerability, which Oracle patched on Tuesday, affects the company's implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally.
WithSecure and Cue Health have worked together to address a security issue that WithSecure discovered in Cue's COVID-19 test, which delivers the results of a nasal swab test via bluetooth to a mobile device. The COVID-19 test is a molecular test that offers users results in 20 minutes with accuracy that's comparable to PCR tests performed in labs.
Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations. Java 15-18 ECDSA doesn't sanity check that the random x coordinate and signature proof are nonzero; a signature validates any message.
It's important to understand that passwords are not passports. Using biometrics, which is a great security advancement, is not the same as identity, says Leonard Navarro, VP of Business Development at Nametag.
F5 announced a report which shows the challenges organizations face as they transform IT infrastructures to deliver and secure digital services that have become inseparable from everyday activities, such as completing job tasks or consulting a doctor. "Digital transformation efforts have experienced a marked acceleration over the past two years, and we see no indications of a slowdown," said Kara Sprague, EVP and GM, App Delivery, F5. "Our research shows that the average organization manages hundreds of applications across data centers, multiple clouds, and edge deployments-as well as more than 20 different app security and delivery technologies. With these growing and more distributed portfolios, organizations require consistent security, end-to-end visibility, and greater automation in their app deployments to tame debilitating complexity and continuously add value for customers, streamline operations, seize new opportunities, and respond to emerging threats in real time."