Yahoo is hoping a revamped proposed breach-related settlement will pass muster with a federal judge who rejected the first one for myriad reasons, including high attorney fees and a lack of transparency. The settlement totals $117.5 million, just ahead of health insurer Anthem's $115 million settlement.
The Singapore government has introduced draft legislation that it says would help in combating fake news, especially on social media platforms. While some privacy experts have expressed reservations, government intervention is merited.
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Shortly after a massive data breach affected up to 50 million accounts last September, Facebook didn't believe the incident needed to be reported under Australia's mandatory breach notification law. While Facebook voluntarily notified all users, emails show the company initially underestimated the breach.
How the country responds to the growing cyberthreats will shape its diplomatic, military and economic power. With the stakes this high, is the U.S. getting it right? Chris Painter, commissioner on the Global Commission on the Stability of Cyberspace and former White House cyber czar, offers his perspective.
PSD2 requirements for strong authentication and third-party bank account access go into effect this September. Angie White, product marketing manager at iovation, discusses the implications of the directive inside and outside the European Economic Area.
Special Counsel Robert Mueller's two-year investigation into Russia's 2016 election interference has concluded, finding no evidence that President Trump's campaign coordinated with Moscow, although Mueller declined to exonerate Trump over obstruction of justice, says U.S. Attorney General William Barr.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
Since the EU's new GDPR privacy law came into effect in May 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin.