Numerous technology firms now offer facial biometrics recognition search tools for big data sets. But information security expert Alan Woodward warns that these big data sets must be "considered and regulated very heavily" or else we'll be "living in 1984 without knowing it."
Email attacks continue to bite businesses, with organizations reporting not only a steady stream of ransomware, but also increasingly targeted social engineering attacks and account takeovers for cloud service users, says Barracuda's Hatem Naguib.
Nearly three weeks after human resources software vendor PageUp discovered malware on its system, the tally of what data was exposed remains unclear, although successful job applicants appear to have been hardest hit.
The geneology service MyHeritage says a security researcher found 92 million email addresses and hashed passwords for its users on a private external server. The company, however, says there's no evidence of abnormal account activity or indications family trees or DNA results were affected.
A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Filter" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.
If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Business email compromise and account takeover attacks haven't faded; they've just morphed. Wes Dobry of Agari discusses the new wave of these attacks and how organizations can do a better job of detecting and responding to them.
Attackers rarely bother with technical sophistication when easy social engineering schemes, such as "hacking" a victim's social network and using it against them, can give them what they want, says Markus Jakobsson, chief scientist at the cybersecurity firm Agari.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
States will not have the full range of much-needed cybersecurity practices and equipment in place for this year's U.S. midterm elections. But efforts underway might deliver many much-needed improvements in time for the 2020 elections, Homeland Security Secretary Kirstjen Nielsen tells a Senate committee.
Facebook CEO Mark Zuckerberg broke five days of silence as pressure intensifies on Facebook to account for a data leak to a voter-profiling firm that worked for the Trump campaign. In a lengthy blog post, Zuckerberg has pledged to make changes to better protect personal data. But is it too late?
Google is prepping its Chrome browser to brand as "not secure" every site a user tries to visit that does not use HTTPS encryption by default. The move is meant to push more sites to use HTTPS to secure communications and help block eavesdropping and man-in-the-middle attacks.
Blockchain technology already underpins the boom in cryptocurrencies, but it is also being rigorously tested and developed for other applications, including identity and access management. Such projects could make personal data easier to secure and less vulnerable to data breaches.