Republican-backed legislation is a presidential signature away from dismantling a Federal Communications Commission regulation to require internet service providers to ask permission before selling customers' private information to advertisers.
The Department of Homeland Security, which missed meeting last week's deadline for submitting a new cybersecurity strategy to Congress, could be months away from providing lawmakers with that policy, a top DHS cybersecurity official says.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
Not too fast, not too slow. Notwithstanding regulations and contractual obligations, that's legal and security experts' consensus on how quickly organizations that suspect they've been breached should notify individuals whose information may have been exposed.
Microsoft's docs.com service has been an open window to viewing people's personal data. The company appears to have taken some steps to contain the exposure, but those watching closely say sensitive data can still be found via search engines.
An Obama-era regulation, which has yet to take effect, that aims to strengthen consumer's online privacy may be derailed. The Senate has voted along party lines to quash the rule that the FCC issued in October.
The U.S. Justice Department is reportedly preparing to charge multiple "Chinese middlemen" with helping to orchestrate the $81 million Bangladesh Bank heist on behalf of North Korea. Security experts have long been reporting that the attack code and tactics appear to trace to North Korea.
New Mexico lawmakers have overwhelmingly approved the Data Breach Notification Act. If signed, as expected, by Gov. Susana Martinez, Alabama and South Dakota would be the only states without such a statute.
Leading the latest edition of the ISMG Security Report: FBI Director James Comey's revelation of a counterintelligence investigation of possible ties between Donald Trump's presidential campaign and Russia's actions to influence the U.S. presidential election.
McDonald's home food delivery app in India leaked sensitive personal information relating to 2.2 million users. But the restaurant giant only addressed the insecure API after a researcher went public one month after informing McDonald's about the problem.
With ransomware attackers having already launched attack code with themes ranging from horror movies and Pokemon to Hitler to cats, it was only a matter of time before they decided to beam Star Trek's Kirk and Spock direct to would-be victims' PCs.
With apologies to Troy Hunt, the last thing you want to see in the morning as you're having your first cup of coffee and scanning the interwebz for cat videos is a notice from his "Have I Been Pwned" breach-alert service.
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
If Yahoo's 2014 breach had been the result of an in-house Russian intelligence project, the hack probably would not have triggered a U.S. indictment. But Russia has landed in a muddy puddle after apparently tapping freelance talent with an interest in criminal gain.