Category: Business Sector

FTC Settles with Company Over Alleged Deceptive Security Practices

Posted on by Dissent

Kari Rollins and Julia Kadish of Sheppard Mullin write: The FTC recently settled with smart lock maker Tapplock, Inc., a Canadian company, over allegations that it deceived consumers with false claims about its product’s security practices. These allegations arose based on vulnerabilities that a security researcher demonstrated – not in the aftermath of a data security breach…

Read more

Two iOS zero-days used in limited mail attacks

Posted on by Dissent

Dennis Fisher writes: Attackers have been exploiting a pair of dangerous vulnerabilities in the default mail app in Apple’s iOS software since at least January 2018 simply by sending specially formatted emails to target devices. The flaws are unpatched and have been present since iOS 6 was released in 2012. The two vulnerabilities have been…

Read more

Security researcher discloses four IBM zero-days after company refused to patch

Posted on by Dissent

Catalin Cimpanu reports: A security researcher has published today details about four zero-day vulnerabilities impacting an IBM security product after the company refused to patch bugs following a private bug disclosure attempt. The bugs impact the IBM Data Risk Manager (IDRM), an enterprise security tool that aggregates feeds from vulnerability scanning tools and other risk management…

Read more

CISI payment breach leaves members vulnerable to fraud

Posted on by Dissent

Robbie Lawther reports: The Chartered Institute for Securities and Investments (CISI) has confirmed that some of its members may have had their financial information stolen after “malicious code” was inserted on its website. It comes after the professional body was made aware that members were noticing fraudulent activity on their credit/debit cards after a payment…

Read more