Apple's security defenses have improved dramatically in recent years, but poorly written drivers in third-party applications could provide key access to critical parts of macOS.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.
Electric car manufacturer Tesla has updated its firmware after researchers in China remotely turned on a vehicle's windshield wipers, opened the trunk and applied the brakes in new Model S sedans.
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
Microsoft has released a slew of security fixes to patch critical vulnerabilities, including in its IE and Edge browsers. One zero-day flaw, fixed via a Microsoft Office patch, has been exploited in the wild for more than two years.
The paradigm shift in security from prevention to detection and response has finally arrived in Asian markets, says Sid Deshpande, Gartner principal analyst, who shares insights on 2016 trends.
The process of managing software vulnerabilities inside the enterprise is complicated by the sheer number of patches that must be assessed, applied, tested and rolled out, says Wolfgang Kandek of Qualys, who offers suggestions on how to better focus those efforts.
When an organization suffers a data breach, how can it quantify the total of all the associated costs? The scope of costs goes way beyond a fixed dollar value per stolen record and extends to include legal fees, third-party forensic services, loss of reputation and defense improvement, as well as state and federal...
Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
Apple has removed from its App Store a $0.99 security tool developed by well-known researcher Stefan Esser that he says could quickly detect if an iPhone may have been hacked. What is the back-story behind this move?
Verizon's annual Data Breach Investigations Report has triggered an avalanche of criticism that researchers made critical errors when studying and reporting on the top 10 most frequently exploited software vulnerabilities.
It's been a half-year now since Art Gilliland stepped into the role of CEO at startup security company Skyport Systems. What lessons has he learned from the marketplace, and where does he expect Skyport to make its mark? Find out in this video interview.
What are some of the challenges practitioners will face as they attempt to look at emerging technologies, including CASB? How effective is the MSSP paradigm in addressing the skills gap? Expert security practitioner Manish Dave shares insights.
Security experts warn enterprises to patch the serious "glibc" domain name system flaw now, with one likening it to a "skeleton key" that could be used against all systems and Internet of Things devices that run Linux.
The Gartner Magic Quadrant is one of the most influential research tools that IT buyers use to evaluate vendors and keep pace with the accelerating shift from Mobile Device Management activity to Enterprise Mobility Management (EMM) strategy.
Ten years ago the smart phone, and a few years later the tablet, changed...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.