BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

Mozilla May Reject UAE Firm's Root Inclusion Request

Mozilla is considering rejecting a request by United Arab Emirates-based DarkMatter to be accepted as a top-level certificate authority in Mozilla’s root certificate program. In December 2017, the UAE organization asked...
Continue reading
  0 Comments
0 Comments

Serious Flaws in WibuKey DRM Impact Siemens Products

Siemens has informed customers that some of its products are affected by recently disclosed vulnerabilities affecting the WibuKey digital rights management (DRM) solution from Wibu Systems. Cisco Talos revealed in December...
Continue reading
  0 Comments
0 Comments

The Truth about Business Risk Intelligence

Starting a business risk intelligence (BRI) program often requires overcoming challenges that involve resource allocation, operational bandwidth, or stakeholder support, to name a few. And occasionally, these challenges can be exacerbated...
Continue reading
  0 Comments
0 Comments

European Telecommunications Standards Institute Publishes New IoT Security Standard

On February 19, the European Telecommunications Standards Institute (ETSI) published the ETSI TS 103 645 V1.1.1 -- or more simply, a high-level outcome-focused standard ( PDF ) for cybersecurity in the consumer-oriented...
Continue reading
  0 Comments
0 Comments

Support for FIDO2 Passwordless Authentication Added to Android

Android becomes FIDO2 Certified
Google and FIDO Alliance on Monday announced that it is now easier for developers to provide passwordless authentication features for their Android websites and apps as a result of Android becoming...
Continue reading
  0 Comments
0 Comments

Consumer Groups Protest Being Left Out of Senate Privacy Hearing

Consumer groups voiced dismay Friday after a US Senate panel considering privacy legislation scheduled a largely industry-packed witness list for an upcoming hearing. Senate Commerce Committee Chairman Roger Wicker, a Republican,...
Continue reading
  0 Comments
0 Comments

California Introduces New Data Breach Notification Law

California Attorney General Xavier Becerra and Assemblymember Marc Levine last week introduced a new piece of legislation that would require organizations to notify consumers if their passport or biometric information has...
Continue reading
  0 Comments
0 Comments

Prosecutors Seek 3-Year Sentence in 'Celebgate' Hacking Case

Federal prosecutors have recommended a sentence of nearly three years in prison for a former Virginia high school teacher convicted of hacking into private digital accounts of celebrities and others. Christopher...
Continue reading
  0 Comments
0 Comments

New Service From Cisco's Duo Labs Analyzes Chrome Extensions

Duo Labs, part of Cisco-owned Duo Security , has launched a new service designed to analyze Chrome extensions and deliver security reports on them.  Dubbed CRXcavator and released in beta, the...
Continue reading
  0 Comments
0 Comments

Report: Apps Give Facebook Sensitive Health and Other Data

Several phone apps are sending sensitive user data, including health information, to Facebook without users' consent, according to a report by The Wall Street Journal. An analytics tool called "App Events"...
Continue reading
  0 Comments
0 Comments

Warning Issued Over Attacks on Internet Infrastructure

Key parts of the internet infrastructure face large-scale attacks that threaten the global system of web traffic, the internet's address keeper warned Friday. The Internet Corporation for Assigned Names and Numbers...
Continue reading
  0 Comments
0 Comments

SWF Participates in MILAMOS Workshop VI in Montreal, Canada

SWF Space Law Advisor Chris Johnson participated in the sixth meeting of the Manual on International Law Applicable to Military Activities in Space (MILAMOS) Project , held in Montreal, Canada from...
Continue reading
  0 Comments
0 Comments

SWF Participates in MILAMOS Workshop VI in Montreal, Canada

SWF Space Law Advisor Chris Johnson participated in the sixth meeting of the Manual on International Law Applicable to Military Activities in Space (MILAMOS) Project , held in Montreal, Canada from...
Continue reading
  0 Comments
0 Comments

Bug Allows Bypass of WhatsApp Face ID, Touch ID Protection

iPhone Share Sheet
The Face ID and Touch ID authentication feature introduced recently to WhatsApp for iOS can be easily bypassed, but a patch has been released. An update rolled out in early February...
Continue reading
  0 Comments
0 Comments

Entrust to Acquire Hardware Security Module Maker nCipher

Entrust Datacard and Thales have signed a definitive agreement for Entrust to acquire the nCipher general purpose hardware security module (GP HSM) division of Thales. Financial details have not been disclosed....
Continue reading
  0 Comments
0 Comments

Cybercriminals Promise Millions to Skilled Black Hats: Report

Cybercriminals say they are willing to pay over a million dollars per year to individuals with network management, penetration testing, and programming skills willing to put on a black hat, a...
Continue reading
  0 Comments
0 Comments

DrainerBot SKD Sucks Data and Battery From Android Devices

A major mobile ad fraud operation impacts millions of users through infected consumer applications, Oracle reveals.  Dubbed DrainerBot, the nefarious operation relies on hidden and unseen video ads that are delivered...
Continue reading
  0 Comments
0 Comments

Pulse Secure Unveils Software Defined Perimeter Solution

Pulse Secure
Pulse Secure, a company that specializes in secure access solutions, this week unveiled a new software defined perimeter (SDP) product designed to provide organizations direct secure access to their resources and...
Continue reading
  0 Comments
0 Comments

Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail

A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user’s emails and...
Continue reading
  0 Comments
0 Comments

Mexican Privacy Watchdog Criticizes Government Over Spyware

Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against...
Continue reading
  0 Comments
0 Comments