Security News

Enterprises increasingly block AI transactions over security concerns
2024-03-28 05:30

AI has already become a part of business as usual, as enterprises leverage and integrate new features and tools into their day-to-day workflows, multiplying the volume of transactions and data generated. Despite the mounting security risk and increasing number of data protection incidents, enterprises are adopting AI tools in large numbers.

Security Vulnerability in Saflok’s RFID-Based Keycard Locks
2024-03-27 11:01

The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. By exploiting weaknesses in both Dormakaba's encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock.

How security leaders can ease healthcare workers’ EHR-related burnout
2024-03-27 06:00

Staff experiencing burnout in healthcare settings is not something that security leaders typically worry about - unless, maybe, it is the security team itself that is suffering from it. It turns out that - by homing in on the user experience of security mechanisms and processes - the security team can be an ally to those whose job it is to worry about burnout across the healthcare ecosystem.

Drozer: Open-source Android security assessment framework
2024-03-27 04:30

Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of an app and facilitating interactions with the Dalvik VM, other apps' IPC endpoints, and the operating system.

Tech industry’s focus on innovation leaves security behind
2024-03-26 04:00

Innovation fuels the technology industry, but it comes at a cost. Certain technology sub-sectors like software companies and infrastructure providers have complex supply chains, making it challenging to ensure the security of all components and services.

GoFetch security exploit can't be disabled on M1 and M2 Apple chips
2024-03-25 14:30

The GoFetch vulnerability found on Apple M-series and Intel Raptor Lake CPUs has been further unpacked by the researchers who first disclosed it. DMPs are present on all Apple M-series CPUs and Intel's Raptor Lake processors, and the dedicated website for GoFetch now shows how exactly the exploit is carried out.

Microsoft confirms memory leak in March Windows Server security update
2024-03-25 01:15

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief If your Windows domain controllers have been crashing since a security...

U.S. Justice Department Sues Apple Over Monopoly and Messaging Security
2024-03-22 06:14

The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining,...

Inside the book – See Yourself in Cyber: Security Careers Beyond Hacking
2024-03-22 05:00

The book, published by Wiley, explores the breadth and depth of cybersecurity careers. It debunks myths and stereotypes about cybersecurity careers and highlights opportunities the industry offers to those with business, legal, communications, and other non-technical backgrounds.

95% of companies face API security problems
2024-03-22 04:30

95% of respondents surveyed by Fastly said they had experienced API security problems in the last twelve months. "The results of our survey show that decision-makers know that increased reliance on APIs creates a risk of serious cyberattacks. But so far they are not doing enough about it. This is surprising given that the operational and reputational cost of a breach far outweighs the price of deploying a consolidated web application and API security solution from a single provider," said Jay Coley, Senior Security Architect at Fastly.