In an exclusive, in-depth analysis, a panel of experts says the proposed personal data protection and privacy bill, prepared by the Justice B. N. Srikrishna committee, has many gaps and some provisions that could prove challenging to implement.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
An Australian teenager was such a fan of Apple that he hacked into the technology giant's mainframe, according to media reports. The teen has pleaded guilty to stealing 90 GB of sensitive information. But Apple says no customers' personally identifiable information was exposed.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
When taking steps to guard against fraudulent transactions through contactless payments, organizations must carefully balance the level of security versus customer convenience, says Sriram Natarajan, COO at Quatrro.
The STIX and TAXII standards for threat intel interchange have undergone a major upgrade to v2.0. LookingGlass CTO Allan Thomson, who's been closely involved in its development, describes the role of these enhanced standards.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
The EU's General Data Protection Regulation has significantly raised privacy awareness worldwide in the brief time that it's been in force, says Rob Hinson of OneTrust. Organizations are revamping both internal and external privacy programs to meet the minimum global standard, he says.
Hubris has a new name: Bitfi. The cryptocurrency wallet-building company, backed by technology eccentric John McAfee, earned this year's not-so-coveted Pwnies Award for "Lamest Vendor Response" for how it mishandled security researchers' vulnerability disclosures. Bitfi has promised to do better.
UIDAI again found itself embroiled in a controversy when it was revealed that its helpline was being automatically added in the contact lists of mobile phones. But Google acknowledged that its coding error led to the mishap. Why was Google involved in getting a phone number for UIDAI preloaded on phones?
Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.
UIDAI, which administers the Aadhaar program, has some simple advice: Avoid behaviors such as what R.S. Sharma, chairman of the Telecom Regulatory Authority in India, did on Saturday, when he tweeted his Aadhaar number.