Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In February 2021, the Reserve Bank of India published a paper detailing Digital Payment Security Controls (DPSC). The paper was developed to aid Indian financial organisations in protecting digital channels and offering commodities to clients with Identity Verification solutions. Global financial services corporations are caught between the government and clients.

The modern vehicle comes equipped with a variety of software systems. Especially features that connect it to the outside world, such as online updates, fleet management and communication between vehicles, offer attack surface. The security of automotive software is crucial, not only because bug-induced call-backs are costly, but also because the well-being of passengers depends on it.

The nature of LinkedIn’s professional environment facilitates communication among individuals from various backgrounds across industries. However, threat actors have been known to exploit the business networking platform for malicious aims, including intelligence gathering, identity theft and spear phishing. A number of fake profiles identified on the site have been observed targeting individuals in diverse sectors, particularly those with roles in government, cyber security and education.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Ah ha! Something new to combat a valid issue I’m sure many of us who have had left a phone at a repair shop had fears over…. Will our data on the device be abused? Looks like Samsung has a solution in part.

Have you ever heard the cybersecurity term “dictionary attack”, and wondered what it means? You’re not alone. Here, we’ll break down what a dictionary attack is, and explain what steps you should take to protect yourself from this threat.

For the next interview in our series speaking to technical leads from around the world, we’ve welcomed experienced cybersecurity specialist Szilveszter Szebeni, CISO at Tresorit.

The theme for Cybersecurity Awareness Month 2022 is “See Yourself in Cyber.” As Cybersecurity Awareness Month comes to a close, CrowdStrike celebrates the many ways human expertise and technology come together to create a stronger defense against adversaries.

The big news this week is that a new CRITICAL OpenSSL vulnerability will be announced on November 1st, 2022. Critical-severity OpenSSL vulnerabilities don’t come along every day – the last was CVE-2016-6309, which ended up only affecting a single version of the software. The more famous vulnerability, known as Heartbleed, came out in 2014. Will this be more like Heartbleed or the vulnerability in 2016? We will soon find out.

At this point, anybody in the IT world would have to be living in a cave in the wilderness to not know that October is Cybersecurity Awareness Month. (And since there’s no Wi-Fi in wilderness caves, that scenario is admittedly unlikely.) This week, I wanted to take a closer look at a couple topics, one for work and one at home.