The popular, headless CMS Strapi patched two vulnerabilities that allowed users with lower levels of privilege to see data only higher privileged users were cleared to see — including information allowing account takeover.
Protecting critical information, whether that be personal data or intellectual property or data tied to national security, is the number one priority for most organizations. An integral component of this is to secure the databases where that information resides.
Assaults like spamming, credential stuffing, CAPTCHA defeat, fraudulent account creation, and denial-of-service (DoS) can cause monetary and brand damage, particularly as customers demand more and more online services.
The majority of mHealth apps and some digital health tools fall outside of HIPAA regulation and pose serious privacy and security risks. A new framework and pilot aim to address these challenges.
Financial firms and non-bank financial technology players are encouraged to migrate to the cloud more quickly to cut costs and garner the benefit of the “enhanced capabilities” cloud might afford, according to a study by Next Pathway.
It’s the first anniversary of the Biden Administration’s EO on cybersecurity and progress has been made, but there’s still work to do in securing the public sector.
Old-fashioned voice connections to financial institutions are increasingly being used by bad actors for nefarious gain, according to a recent report from Pindrop.
Microsoft Corp. and Mastercard announced last week a partnership to improve authentication in digital payments with the launch of Mastercard Digital Transactions Insights.
Researchers on Monday reported they discovered a vulnerability affecting the DNS implementation of all versions of uClibc and uClibc-ng, a popular C standard library in many well-known IoT products.