In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough.
Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S. military and other agencies for a decade and passing the gear off as American made.
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.
A handful of common lures still have astounding success in compromising computers: phishing emails, malicious links and the king of them all: the malicious Microsoft Office document. But Microsoft is introducing virtualized containers in Office 365, which will isolate untrusted documents.
Say hello to NortonLifeLock, as Symantec anti-virus for consumers is no more, following the sale of Symantec's enterprise assets and name to Broadcom for $10.7 billion. But can the new, pure-play consumer "cyber safety" business succeed where the combined consumer and enterprise business previously stumbled?
The cybersecurity community had been holding its breath in anticipation of mass attacks targeting the severe BlueKeep vulnerability in Windows, which Microsoft has patched. The first in-the-wild exploits have now been seen, although they don't appear to constitute an emergency - at least yet.
Using the largest repository of breached credentials in the world, SpyCloud has analyzed breach data tied to Fortune 1000 employees to understand what information is out there and how it can be used to commit fraud. In this video, SpyCloud Head of Product Strategy Chip Witt will walk through SpyCloud's analysis of...
Mobile devices are attractive targets for attackers because of messages, call logs, location data and more. State-sponsored groups are digging ever deeper into mobile hacking, says Brian Robison of BlackBerry Cylance.
FCC Chairman Ajit Pai is pushing a proposal that would ban U.S. telecommunications firms from using commission funds to buy equipment from companies deemed national security threats. The new rule would first target Chinese telecom companies Huawei and ZTE.
Facebook is suing NSO Group, a spyware company, alleging it developed a potent exploit to spy on WhatsApp messages sent by diplomats, journalists, human rights activists and political dissidents. Facebook is seeking damages and an injunction forbidding NSO Group from accessing its infrastructure.
The use of new standards can help strengthen cybersecurity risk management of medical devices at the Department of Veterans Affairs as well as other healthcare organizations, says Anura Fernando of UL, which recently completed a study with the VA examining gaps in medical device cybersecurity approaches.
What is the risk of having too many cybersecurity tools? Compromised visibility because of "tool sprawl," say Brian Murphy and Seth Goldhammer of ReliaQuest. Enterprises are now awakening to this challenge and attempting to overcome it.
According to Ricardo Villadiego, Lumu Technologies' Founder and CEO, organizations are "sitting on a gold mine: their own data". Under the single premise that organizations should assume they are compromised and prove otherwise, Lumu seeks to empower enterprises to answer the most basic question: Is your organization...
The threat and risk surface of internet of things devices deployed in automobiles is exponentially increasing, which poses risks for the coming wave of autonomous vehicles, says Campbell Murray of BlackBerry. Large code bases, which likely have many hidden software bugs, are part of the problem, he says.
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.