News

Singapore Ministry of Education orders software removed after string of snafus

UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools. In Singapore, the incident resulted in 13,000 devices being remotely wiped and saw the nation's Education Ministry cut ties with the vendor.…

Some scowl, some smile, as fines no longer apply every time your mugshot or fingerprint is shared

The US state of Illinois has reduced penalties for breaches of its tough Biometric Information Privacy Act (BIPA).…

Smile for the camera to get in, or buy a beer without lining up

The National Football League and all 32 of its teams will use tech from facial recognition software vendor Wicket to verify the identity of thousands of staff, media and fans as part of its credentialing program.…

Background check biz accused of negligence

A lawsuit has accused a Florida data broker of carelessly failing to secure billions of records of people's private information, which was subsequently stolen from the biz and sold on an online criminal marketplace.…

Watch this video to learn how Palo Alto Networks is using GenAI to automate and simplify cybersecurity

Sponsored Post  Cyber security is complex right, particularly when you're tyring to monitor and configure multiple tools across a host of different on- and off-premise IT environments?…

Malware logs users' keystrokes, pilfers credentials, exfiltrates data

Criminals are preying on Windows users yet again, this time in an effort to hit them with a keylogger that can also steal credentials and take screenshots.…

Vendor plans to aggressively defend its case before listing catalog of shortcomings at the airline

CrowdStrike says it is "highly disappointed" and rejects the claims made by Delta and its lawyers that the vendor exhibited gross negligence in the events that led to the global IT outage a little over two weeks ago.…

Eighty-one apps signed up to pilot facial recognition and real name ID system

Chinese app developers have signed up to beta test a national cyberspace ID system that will use facial recognition technology and the real names of users, according to Chinese media.…

Plus: CISA's AI hire; and Canuck SIM swappers busted

Infosec in brief  Scammers have been using Google's own ad system to fool people into downloading a borked copy of the Chocolate Factory's Authenticator software.…

Now that's a TRACTOR pull request

To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.…

WeRedEvils alleges successful attack on infrastructure, including data theft

Israel-based hacktivists are taking credit for an ongoing internet outage in Iran.…

Hear how AI runtime security secures applications in the complete journey from design to build to run

Sponsored Post  Ensuring access to mission critical, AI-enabled applications is important for modern businesses keen on boosting employee productivity and transforming customer operations. But not if it compromises data security.…

They say crime doesn't pay. They're right – it's the victims doing the paying

An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data.…

Work aims to build on the success of NCSC's 2016 initiative – and private sector will play a part

The UK's National Cyber Security Centre (NCSC) says it's in the planning stages of bringing a new suite of services to its existing Active Cyber Defence (ACD) program.…

Suspected devs behind Russian Coms cuffed – now to find the users of the nastyware

The UK's National Crime Agency (NCA) has shut down an outfit called Russian Coms – a call-spoofing service believed to have swindled hundreds of thousands of victims.…

First delays, then data leaks – now fraud detection needed at point of use

The Japanese government has released details of of an app that verifies the legitimacy of its troubled My Number Card – a national identity document.…

SMS OTPs are overused, so bring on the tokens and biometrics

India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments.…

Techno-crooks greeted by grinning Putin after landing

At least two Russian cybercriminals are among those being returned to their motherland as part of a multinational prisoner exchange deal announced Thursday.…

That horse has not just bolted, it's trampled all over kernel space

CrowdStrike, after suggesting canary testing as a way to ensure it avoids future blunders leading to global computer outages, has been sued in federal court by investors for not using a phased approach in rolling out updates to customers in the first place.…

PSA comes amid multiple IT services crises in recent days

US law enforcement and cybersecurity agencies are reminding the public that the country's voting systems will remain unaffected by distributed denial of service (DDoS) attacks as the next presidential election fast approaches.…