France's data protection watchdog has slammed Microsoft Windows 10 for collecting excessive amounts of personal data and failing to use strong security controls. Under the country's data protection laws, Microsoft may now face up to $1.7 million in fines.
As Pokémon Go launches in Japan, the government's cybersecurity organization has issued a nine-point safety guide reminding players to beware of real-world and cybersecurity hazards when playing the augmented reality game.
The increase in breaches is having a positive impact on IT security employment, as headlines about one cybersecurity incident after another serve as recruiting tools for skilled cyber defense workers. The IT and IT security workforce reached record levels this past quarter.
An analysis of the record of the U.K.'s new prime minister, Theresa May, on cybersecurity and online privacy and a report on efforts to create an antidote to ransomware highlight this edition of the ISMG Security Report.
Businesses on both sides of the Atlantic are lauding the new U.S.-EU Privacy Shield, which gives them a legal way to handle Europeans' personal data. But privacy rights groups have criticized the agreement for falling short of the EU's own privacy protections.
The Obama administration has unveiled a federal cybersecurity workforce strategy that calls for identifying, recruiting, developing, retaining and expanding "the best, brightest and most diverse cybersecurity talent" for federal service. But are those goals realistic?
Pokémon Go - Nintendo's new smartphone app - has been a smash hit. But the game's augmented-reality approach, and app developers' data-handling choices, have triggered security and privacy concerns as well as safety warnings.
Forget the 2015 mega-breach, an ongoing FTC probe or multiple class-action lawsuits: A new leadership team wants to reboot infidelity-focused online dating website Ashley Madison, promising that this time they'll get security and privacy right.
Members of Congress have sent a letter to federal regulators saying that because ransomware attacks are "different" from other breaches in the healthcare sector, there's a need for new recommendations in upcoming government guidance.
Ukraine's central bank has confirmed that one of the country's banks fell victim to a fraudulent SWIFT heist in April. This latest such attack revelation should spur all SWIFT-using banks to assume they've been hacked, until proven otherwise.
The MySpace and LinkedIn data dumps have been made available by a security researcher on his website, which is perhaps the most easily accessible source for obtaining it. But does it put people at greater risk?
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.
An individual claiming to be the hacker who posted four healthcare databases on the dark web reveals some of his tactics. We take a close look at the risks posed to one affected clinic, which faces a ransom demand.
Warning to parents and guardians: Beware of collecting, storing or sharing your child's biometric information - including fingerprints and DNA - even if you're creating a so-called "Child ID Kit," because the data is a natural target for identity thieves.
Britain's surprise vote to "Brexit" the European Union leads the ISMG Security Report. Also hear analysis on a cybercrime forum selling remote server access; Comodo being in hot water by saying "let's encrypt"; and why Facebook CEO Mark Zuckerberg covers his webcam with tape.