The General Data Protection Regulation, a GDPR, requires business entities to put appropriate technical and organisational measures in place and implement privacy-compliant procedures and processes. The need to implement the data protection principles is to guard the safety of customers’ default personal data and protect natural persons’ rights. This requirement leads to addressing the guide of data privacy by design and by default.
The value of log files goes far beyond their traditional remit of diagnosing and troubleshooting issues reported in production. They provide a wealth of information about your systems’ health and behavior, helping you spot issues as they emerge. By aggregating and analyzing your log file data in real time, you can proactively monitor your network, servers, user workstations, and applications for signs of trouble.
As a mobile app developer, you must develop and release fully functional and safe applications. While you can manage the functionality quite comfortably, making the application secure and resilient to cyber-attacks is hard. So, what should you do? Well, we got you covered. This blog discusses the top 10 security issues developers encounter during mobile app development and the solutions.
Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders. While we’ve been following this threat for a while using Lookout Endpoint Detection and Response (EDR) these latest samples were detected in April 2022, four months after nation-wide protests against government policies were violently suppressed.
The National Crime Record Bureau (NCRB), in its report, recorded 50,035 cybercrime cases in 2020, and it is alarming to see that the numbers have surged exponentially ever since the pandemic. This opened the gates to remote onboarding and the use of facial recognition algorithms to distinguish users’ unique features, enhancing their onboarding experience. On the flip side, this has also given scamsters and fraudsters ample opportunities to manipulate and employ technologies for wrongful gains.
Read also: security flaw in Travis CI API exposes user access tokens, small botnet launched a record-breaking DDoS attack and more.
If you don’t work in IT or security, there’s no need to fret about every detail of every online danger. Nevertheless, it’s worth having awareness of the strategies and techniques that criminals are using to achieve their goals online.
CIS Control 8 Center for Internet Security (CIS) version 8 covers audit log management. (In version 7, this topic was covered by Control 6.) This security control details important safeguards for establishing and maintaining audit logs, including their collection, storage, time synchronization, retention and review. Two types of logs are independently configured during system implementation.
Control 10 of CIS Critical Security Controls version 8 is focused on malware defenses. It describes safeguards to prevent or control the installation, spread and execution of malicious applications, code and scripts on enterprise assets. (In CIS version 7, this topic was covered by Control 8.) Malware, especially ransomware, has become a pressing security issue in recent years.
