Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?
Can you "big tech" a way out of a pandemic? Many governments around the world are trying, and Australia is joining the herd with a contact tracing app. But Australia has a splotchy record of large government tech projects, including in health, that may result in low voluntary adoption of an app.
RSA 2020 touched on a number of topics, including the security of elections and supply chains, plus AI, zero trust and frameworks, among many others. But from sessions on cryptography, to this year's lower attendance, to the antibacterial dispensers dotted around venues, concerns over COVID-19 also dominated.
British leaders' failure to more quickly choose and pursue a specific path for the nation's 5G rollout meant that ultimately, the decision got made for them, despite many security concerns persisting over the use of Chinese-built telecommunications gear.
It's a seductive story line: A chat app belonging to Saudi Arabia's crown prince is used to deliver malware to an American billionaire's phone. But a forensic investigation of Amazon CEO Jeff Bezos' phone raises more questions than it answers.
Despite organizations enduring decades of security policies, programs, plans, metrics and awareness training, CISOs still complain that too many employees are failing at the cybersecurity basics, says Virtually Informed's Sarb Sembhi.
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
The U.S. National Security Agency is the latest intelligence agency to warn that unpatched flaws in three vendors' VPN servers are being actively exploited by nation-state attackers. Security experts say such alerts, which are rare, are a clear sign that serious damage is being caused.
"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.