Facebook CEO Mark Zuckerberg broke five days of silence as pressure intensifies on Facebook to account for a data leak to a voter-profiling firm that worked for the Trump campaign. In a lengthy blog post, Zuckerberg has pledged to make changes to better protect personal data. But is it too late?
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
Illegal transactions on the internet have long been conducted in the cryptocurrency bitcoin. But underground vendors are accepting new kinds of virtual currency that may be safer to store and offer more privacy protections, according to a new study of 150 dark web markets and forums.
Blockchain technology already underpins the boom in cryptocurrencies, but it is also being rigorously tested and developed for other applications, including identity and access management. Such projects could make personal data easier to secure and less vulnerable to data breaches.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
A 10-digit PIN used by consumers to freeze access to credit reports with Equifax is based on dates and times, several observers have noticed. Equifax says it plans to change how the PIN is generated, but experts say it's another troubling development for a troubled company.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
The never-ending stream of bad information security news is fueling a virtual gold rush for companies offering protection. A new report from Forrester predicts a healthy growth rate over the next five years, with some specific technologies expected to see double-digit growth.
Carbon Black rolled with the punches last week after it was accused of exposing customer data via a bug in one of its endpoint detection products. It turned out there was no bug. But the company has gone back and uncovered a bug that did expose customer data, albeit on a small scale.
Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
A new report into the state of consumer routers by Carnegie Mellon researchers is unsparing in its criticism: It's a market of lemons, and virtually all of the test models had security problems. What's the solution?