Reuters reports: Apple Inc (AAPL.O) said on Thursday it has found “no evidence” a flaw in its email app for iPhones and iPads has been used against customers, and that it believes the flaw does “not pose an immediate risk to our users”. Read more on Reuters.
Category: Commentaries and Analyses
FTC Settles with Company Over Alleged Deceptive Security Practices
Kari Rollins and Julia Kadish of Sheppard Mullin write: The FTC recently settled with smart lock maker Tapplock, Inc., a Canadian company, over allegations that it deceived consumers with false claims about its product’s security practices. These allegations arose based on vulnerabilities that a security researcher demonstrated – not in the aftermath of a data security breach…
Two iOS zero-days used in limited mail attacks
Dennis Fisher writes: Attackers have been exploiting a pair of dangerous vulnerabilities in the default mail app in Apple’s iOS software since at least January 2018 simply by sending specially formatted emails to target devices. The flaws are unpatched and have been present since iOS 6 was released in 2012. The two vulnerabilities have been…
Security researcher discloses four IBM zero-days after company refused to patch
Catalin Cimpanu reports: A security researcher has published today details about four zero-day vulnerabilities impacting an IBM security product after the company refused to patch bugs following a private bug disclosure attempt. The bugs impact the IBM Data Risk Manager (IDRM), an enterprise security tool that aggregates feeds from vulnerability scanning tools and other risk management…
Everyone’s Working From Home Due to the Coronavirus – Is There Insurance Coverage for a Data Breach?
Jeffrey Dennis and Heather Whitehead of Newmeyer Dillion write: Most organizations are now requiring that their employees work from home (“WFH”) with the ongoing COVID-19 (commonly referred to as the Coronavirus) pandemic. These remote working arrangements provide new opportunities for hackers to infiltrate computer systems, and not surprisingly, attempted cyber attacks are on the rise. …
New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks
Peter Marta, Paul Otto, and Timothy Tobin of Hogan Lovells write: Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. The guidance highlights the heightened cybersecurity risks from the current crisis and NYDFS’ expectations that…