Security News

Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws
2024-03-06 05:54

Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below -...

RiskInDroid: Open-source risk analysis of Android apps
2024-03-06 05:30

RiskInDroid is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. "A user should be able to quickly assess an application's level of risk by simply glancing at RiskInDroid's output, and they should be able to compare the app's risk with others easily," Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.

Navigating regulation challenges for protecting sensitive healthcare data
2024-03-06 05:00

In this Help Net Security video, Chris Bowen, CISO at ClearDATA, emphasizes the importance of digital health companies being more transparent with their users. As more and more Americans flock to direct-to-consumer digital health apps and resources, most people don't know that the sensitive health data they share with these companies could be passed on to third parties or sold to data brokers without a single consent form.

How to create an efficient governance control program
2024-03-06 04:30

To account for the ongoing evolution of digital threats, you need to implement robust governance control programs that address the current control environment and help you to prepare for the future risk environment. Building a robust governance control program is about agility and adaptation.

AI tools put companies at risk of data exfiltration
2024-03-06 04:00

While 99% of companies have data protection solutions in place, 78% of cybersecurity leaders admit they've still had sensitive data breached, leaked, or exposed. "Today, data is highly portable. While AI and cloud technologies are igniting new business ventures that allow employees to connect, create, and collaborate, they also make it easier to leak critical corporate data like source code and IP," said Joe Payne, CEO of Code42.

Japan orders local giants LINE and NAVER to disentangle their tech stacks
2024-03-06 03:29

Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed. LINE is a messaging app created by an offshoot of South Korea's NAVER - a Google-like web giant.

Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem
2024-03-06 00:30

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers. Change, a UnitedHealth Group-owned IT services firm, provides software to more than 70,000 American pharmacies and healthcare organizations so they can electronically process insurance claims and fill prescription orders.

NSA shares zero-trust guidance to limit adversaries on the network
2024-03-05 23:29

The National Security Agency is sharing new guidance to help organizations limit an adversary's movement on the internal network by adopting zero-trust framework principles. The NSA released today zero-trust guidance for the network and environment component, which comprises all hardware and software assets, non-person entities, and inter-communication protocols.

Apple fixes two new iOS zero-days exploited in attacks on iPhones
2024-03-05 21:34

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. The company says it addressed the security flaws for devices running iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6 with improved input validation.

New WogRAT malware abuses online notepad service to store malware
2024-03-05 20:25

A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as a covert channel for storing and retrieving malicious code. The malware contains encrypted source code for a malware downloader that is compiled and executed on the fly.