The FTC will not call a witness to refute damaging testimony by a former employee of Tiversa, the firm at the center of the FTC's security case against medical testing company LabMD. The case could proceed to closing arguments in the coming weeks.
Fraudsters have been hacking into and draining Starbucks accounts, customers report. Security experts say attackers appear to be guessing weak account passwords, then using funds to fill up gift cards destined for the black market.
President Obama is strongly urging the House and Senate to pass the USA Freedom Act, a bipartisan bill that would ban the National Security Agency's bulk collection of metadata on American citizens' telephone calls.
Much of today's crime is "cyber-enabled," warns cybercrime expert Raj Samani, and successfully blocking such attacks increasingly demands not just better technology and public-private collaboration, but also an understanding of psychology.
Automating the process of excising personally identifiable information when sharing data is a challenge that the Defense Advanced Research Projects Agency hopes to overcome. DARPA will spend up to $60 million to fund projects to address the problem.
Legal experts say the majority of class-action lawsuits filed in response to data breaches fail, and that's unlikely to change unless lawmakers or the courts rethink notions of "injury" and "harm" to encompass more than just fraud.
A judge's decision to allow MasterCard's settlement with Target to stand isn't likely to be appealed and could discourage banking institutions, some experts say, from continuing to pursue a breach-related class-action lawsuit they filed against the retailer.
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Testimony in the FTC's data security case against LabMD raises questions about the credibility of sources and evidence that the commission relies on in its pursuit of data security enforcement actions. But what will happen next in this case?
Britain's Tory party has secured a majority in Parliament, which means the country will soon see a new legislative agenda. Here are some of the information security, privacy and surveillance initiatives to expect in the coming months.
The IT security industry must do a much better job of persuading young people with the requisite math and science skills to join the cybersecurity workforce rather than choose another profession, says David Shearer of (ISC)Â².
Some federal lawmakers are concerned that passing a national data breach notification law would weaken security protections found in certain states' statutes. That's a major reason getting a national law enacted will prove difficult.
A federal appellate court decision that the National Security Agency's bulk data collection program is illegal could have sweeping ramifications beyond derailing the initiative to amass the metadata of Americans' telephone calls.