As a new alternative to offline seller onboarding, a new digital onboarding method is being tested by amazon for verifying the identity of merchants online, this biometric verification system uses facial recognition in the form of Face Match for automated identity verification to onboard vendors. According to a post issued from the online business giant – Amazon, the test will be made available to potential sellers in the United States as a voluntary option starting today.

Cloud transformation and work from anywhere changed how security needs to work. Surveying done for the Verizon Mobile Security Index showed that 79% of IT and security professionals agree recent changes to working practices had adversely affected their organization’s Cybersecurity. One key reason modern working practices make security more challenging is each new SaaS application adopted by employees expands the attack surface and opens a new door for potential risks.

In today's security conscious climate, countries and organizations worldwide waste little time debating whether a risky mobile application should be banned — regardless of its popularity. With security and data privacy at the center of public and private sector conversations, these issues typically come about when an app is found to have concerning data collection and handling practices.

Over the years, there have been countless cases of HIPAA (Health Insurance Portability and Accountability Act) violations, which can result in significant financial penalties. Most are directly linked not to accidental employee misconduct or malicious intent but to a lack of understanding of HIPAA standards by healthcare organizations. Most cases involve poor implementation of security controls or lack of risk assessment auditing, to save money and avoid costly auditing.

On December 9, 2021, Apache upended the cybersecurity industry by publishing a zero-day vulnerability (CVE-2021-44228) for its ubiquitous Log4j logging utility. Dubbed Log4Shell, the remote code execution flaw (CVSS score:10) allows an attacker to take control of a connected device and run malicious code, access sensitive data or alter its configuration. Because Logj4 is free and easy-to-use, it’s embedded (often deeply) in Java applications used by IT and OT platforms worldwide.