Microsoft issued patches for three zero-day vulnerabilities as part of its most recent Patch Tuesday update. The software giant had previously warned users about two vulnerabilities in the Adobe Type Manager Library that were being exploited in the wild.
The U.K. government says it's prepping a contact-tracing app in an attempt to help contain COVID-19. But a leading cybersecurity expert argues that the proposal amounts to little more than "do-something-itis" and urges a focus, instead, on expanded testing as well as ventilator production.
Researchers at Boston University have written a research paper that proposes creating a smartphone app that uses short-range transmission technologies that can inform users if they have been in close proximity to a person infected with COVID-19 - while maintaining privacy.
Security practitioners around the world are struggling to cope with the challenges posed by remote workers heavily relying on virtual private networks during the COVID-19 pandemic. Here's a look at steps to take to help enhance security.
Checkmarx, an Israeli security company that has made its mark in DevOps and application security testing, soon will have a new owner. Private equity firm Insight Partners is selling the company to another private equity firm, Hellman & Friedman, in a $1.15 billion deal.
Microsoft has released an "out of band" security update to fix a flaw in SMBv3 that was accidentally disclosed publicly before a full fix had been prepared. Security experts warn that the flaw could be exploited to crash vulnerable systems and potentially execute arbitrary code.
RSA 2020 touched on a number of topics, including the security of elections and supply chains, plus AI, zero trust and frameworks, among many others. But from sessions on cryptography, to this year's lower attendance, to the antibacterial dispensers dotted around venues, concerns over COVID-19 also dominated.
Just as consumers can look at a box of Twinkies and read a list of ingredients, so too should software makers provide users with a "bill of materials" explaining their composition, says Allan Friedman, director of cybersecurity initiatives at the U.S. National Telecommunications and Information Administration.
Walgreens' mobile app inadvertently disclosed personal messages to other customers due to an internal application error, revealing some health-related information. The company did not say how many people were affected.
Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid.