The Anthem data breach in 2014–2015 was the largest healthcare data breach ever. But healthcare cyber security has improved since then.
The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.
Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.
Posted in Data Breach Security | Comments Off on Things get ‘seriously’ insecure yet again for Facebook
Leaky APIs expose customer data for free to anyone who knows the URL. What are you doing to protect your customers from hackers targeting your APIs?
After the SingHealth cyber attack, it took a week for attackers to steal the personal data of 1.5 million people—about a quarter of the city-state’s population.
Another week, another list of data breaches resulting from vulnerabilities in third-party contractors for high-profile companies.
The Timehop breach disclosed 21 million individuals’ account information. And now we know what public disclosure of a breach might look like under GDPR.
We took the opportunity at RSA Conference last month to survey our booth visitors about their organizations’ application security programs. We’ve sponsored and conducted a number of surveys on topics ranging from DevSecOps to open source security to medical device security, but there’s something about collecting feedback from conference attendees in person that really hits home—a glimpse into security IRL, if you will. Taking a look at security IRL Most attendees (78%) reported direct roles in cybersecurity, risk management or software engineering, representing a wide range of industries. Some of the findings were far from unexpected. For example, 40% of respondents cited a lack of skilled security professionals as the biggest challenge in implementing their application security programs. We also found that a startling number of respondents didn’t even know whether their organizations were the target of a cyber attack in the last two years.
Posted in Data Breach Security | Comments Off on Security IRL at RSA Conference 2018
Security researcher Robert Wiggins recently uncovered a serious security issue in the TeenSafe “secure” monitoring product for Android and iOS platforms.
Maybe you could call it two-factor fakery.
Posted in Data Breach Security | Comments Off on Office 365 email protection gets blindsided