FTC Sanctions Defunct Cambridge Analytica: So What?

Mathew J. Schwartz • December 9, 2019

The U.S. Federal Trade Commission has sanctioned data analytics firm Cambridge Analytica for misusing Facebook users' personal details as part of voter-targeting campaigns. Just one problem: The firm declared bankruptcy in May 2018. Meanwhile, voter microtargeting continues unchecked.

Account Takeover

To Survive a Data Breach, Create a Response Playbook

Latest

Governance

Banner Health Breach Lawsuit Settled

Marianne Kolbasuk McGee • December 9, 2019

A federal court has granted preliminary approval of a multi-million dollar settlement of a consolidated class action lawsuit filed against Banner Health in the wake of a massive 2016 breach of healthcare and financial information. Here's a rundown of the details.

Finance & Banking

$200,000 Internet Fraud: Will Anyone Investigate?

Jeremy Kirk • December 9, 2019

Internet crime has grown so rapidly that law enforcement is outpaced. Here's the story of how a Manhattan doctor lost $200,000 in an internet scam, and why he's struggling to get law enforcement's attention.

Artificial Intelligence & Machine Learning

8 Takeaways: Black Hat Europe's Closing 'Locknote' Panel

Mathew J. Schwartz • December 8, 2019

Security experts speaking on the ending "locknote" panel at this year's Black Hat Europe highlighted trends from the conference, including the rise of fuzzing, simplification via the cloud, increasing vendor transparency as well as the industry too often still failing to focus on the basics.

Cybercrime

Wiper Malware Targets Middle Eastern Energy Firms: Report

Akshaya Asokan • December 6, 2019

A new malware campaign suspected of being tied to Iran has been targeting companies in the energy and industrial sectors in the Middle East, according to a report from IBM X-Force.

Artificial Intelligence & Machine Learning

AI, Machine Learning and Robotics: Privacy, Security Issues

Marianne Kolbasuk McGee • December 6, 2019

The use of artificial intelligence, machine learning and robotics has enormous potential, but along with that promise come critical privacy and security challenges, says technology attorney Stephen Wu.

Endpoint Security

Analysis: Smart TV Risks

Nick Holland • December 6, 2019

The latest edition of the ISMG Security Report offers an analysis of the FBI's security and privacy warnings about smart TVs. Also featured: discussions on the security of connected medical devices and strategies for fighting synthetic identity fraud.

Cybercrime

Skimming Campaign Leveraged Heroku Cloud Platform: Report

Akshaya Asokan • December 5, 2019

Several e-commerce sites were targeted with a card skimming campaign that used the Salesforce-owned Heroku cloud platform to host skimmer infrastructure and stolen credit card data, according to a new report from the security firm Malwarebytes.

3rd Party Risk Management

John Halamka on Privacy, Security of Mayo Clinic Platform

Marianne Kolbasuk McGee • December 5, 2019

In an in-depth interview, John Halamka, M.D., the former long-time CIO at Beth Israel Deaconess Medical Center in Boston, discusses his upcoming move to head Mayo Clinic's global digital health initiative in collaboration with Google - and why privacy and security are so critical to those efforts.

Geo Focus: Asia

Singapore's 'Fake News' Law Enforcement Draws Criticism

Suparna Goswami • December 5, 2019

Singapore's recent order requiring Facebook to label a blog critical of the ruling government as "false" has drawn harsh criticism. And the action calls into question how the country's new Protection from Online Falsehoods and Manipulation Act might be used to suppress free speech.

Endpoint Security

Cybersecurity Defenders: Channel Your Adversary's Mindset

Mathew J. Schwartz • December 4, 2019

A clear theme Wednesday throughout the first day of the Black Hat Europe conference was the importance of approaching the design and defense of networks and systems by thinking like the enemy.

Application Security

FaceApp Could Pose 'Counter-Intelligence Threat': FBI

Akshaya Asokan • December 4, 2019

The Federal Bureau of Investigation warns that the photo-editing app FaceApp and other applications developed in Russia could be a "potential counter-intelligence threat" to the U.S.

3rd Party Risk Management

A Tale of Two Breach Lawsuits

Marianne Kolbasuk McGee • December 3, 2019

Two vendors serving the healthcare sector have been targeted with breach-related lawsuits. Experts say the incidents at the center of these cases showcase the potential risks posed by vendors.