The Unique Identity Authority of India, which administers the Aadhaar program, is again facing harsh criticism about its security measures, this time from State Bank of India. But rather than pointing fingers, all government organizations need to collaborate to enhance security.
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
Special Counsel Robert Mueller's investigation into Russian interference in the 2016 U.S. presidential elections has led to 199 criminal charges, 37 indictments or guilty pleas and four prison sentences so far. But some key questions remain unanswered.
Massive data brokers - Equifax, Experian, Illion and others - are leveraging Australia's electoral roll, which is a tightly held and valuable batch of data. While this little-known practice might sound alarming, in fact it's required under Australia's anti-money laundering and anti-terrorism rules.
FBI agents say the government shutdown is impeding their investigations, including cybersecurity probes, with the lack of funding compromising their ability to pay confidential informants and obtain warrants or subpoenas.
Australian security expert Troy Hunt says an 87 GB compilation of username and password combinations - drawn from more than 2,000 databases - includes 773 million unique email addresses for apparent use in credential-stuffing attacks. Takeaway: Use a unique password for every site, or else.
In a case of business email compromise, Chinese hackers stole $18.6 million from the Indian arm of Tecnimont SpA, an Italian engineering company, through an elaborate cyber fraud scheme that included impersonating the firm's chief executive.
On Wednesday, just days after a new "cybersecurity" law took effect, Vietnam alleged that Facebook has violated the law by allowing users to post anti-government comments on the platform. The so-called cybersecurity law actually speaks little about IT security measures.
The recent Black Hat Europe conference in London touched on topics ranging from combating "deep fake" videos and information security career challenges to hands-on lock-picking tutorials and the dearth of research proposals centered on deception technology.
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
Efforts to protect privacy must be carefully balanced against the need to practically implement advanced technologies, argues Jared Ragland, senior director for policy in APAC at BSA/The Software Alliance, an advocacy group for software companies.
For the past three years, hackers have been intercepting sensitive diplomatic cables sent between EU member states after stealing passwords for accessing the EU network via a phishing attack against diplomats in Cyprus, The New York Times reports.
As India's Parliament prepares to finalize a privacy and data protection law in the weeks ahead, there's still no consensus among security practitioners about what approach the legislation should take. But the government should ensure all companies comply with clearly defined standards - or face punishment.
Although CERT-In says the hacking of Indian websites declined dramatically this year, based on reports it has received, some security experts argue that many hacking and other cybercrime incidents are never reported.