In the largest monetary award obtained by the FTC in an enforcement action, LifeLock has agreed to pay $100 million to settle a case that, in part, stemmed from the identity protection company failing to establish and maintain an information security program to protect customers' personally identifiable information.
Cybersecurity is becoming an issue in the U.S. presidential campaign, finally. That's good news because it's critical in our day-to-day lives. But are the candidates doing the issue justice in the way they address it?
Europe looks set to pass sweeping new data protection rules, which would give consumers more control over how their personal information gets used and require organizations to notify authorities whenever they suffer a data breach.
FireEye has issued an emergency security alert - and related patch - to fix a serious flaw discovered by Google researchers. The episode follows FireEye earlier this year being criticized for serving an injunction against other security researchers.
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to share voluntarily threat data with the federal government and with each other.
Global Payments Inc. plans to buy its smaller rival, Heartland Payment Systems Inc., for $4.3 billion. Both payment transaction processors have suffered massive data breaches, and industry observers are weighing in on whether the merged companies will successfully build a strong culture of security.
The FBI has arrested three men on charges that they participated in a hacking and identity theft scheme designed to fuel spam campaigns, including the insider-enabled theft of account details for 24.5 million Comcast customers.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
Police in Britain have arrested a 21-year-old man on suspicion of "hacking offenses" related to the breach of Hong Kong toymaker VTech. Separately, the CEO of hacked London telco TalkTalk testified about her organization's security before Parliament.
A security researcher warns he was able to find online "sensitive account details" for 13 million users of MacKeeper. The software was the focus of a recently settled class-action lawsuit - alleging deceptive advertising and false claims.
Twitter has issued its first-ever alerts to some users that they may have been "targeted by state-sponsored actors." Some cryptographers, software developers and security experts say they have received the alerts.
Security experts are warning that Internet-connected devices - including toys - should be treated as insecure and untrusted until proven otherwise. Have our collective information security shortcomings ever been more seasonally appropriate - or scarier?
New details emerging about a breach involving a former Morgan Stanley employee illustrate how a case of inappropriate access to data can blossom into something much more serious. The case shines a spotlight on the urgent need to mitigate insider threats.
Two new malware reports - one from security researchers at technology giant Cisco, another from cybersecurity firm FireEye - demonstrate how developers continue to refine malicious code to maximize information-stealing and extortion potential.
A former U.S. State Department employee has pleaded guilty to running a "sextortion" scheme from the U.S. Embassy in London that was designed to compel young women to share sexually explicit photographs, according to the FBI.