Who's surprised Chinese military hackers allegedly hacked Equifax? For a foreign power that continues to attempt to amass personal information on its adversaries, targeting a business that gets rich by buying and selling Americans' personal data remains an obvious play.
Which cybersecurity topics are hot? One topical answer to that question comes via the upcoming RSA Conference 2020. Organizers say they received 2,400 responses to their call for speakers, and they've have highlighted 10 predominant themes, including secure design, frameworks, privacy and the human element.
As former U.K. Prime Minister Theresa May famously declared: "Brexit means Brexit." But what Britain's exit from the EU means for the nation's data privacy rules and future EU-U.K. data flows remains to be seen, as the country navigates its post-Brexit transition period.
Facebook scientists have proposed using "radioactive data" watermarks to identify when online images get used to train neural networks. The proposal appears to be aimed at the rise of big data startups, such as Clearview AI, that are scraping publicly available photographs to create facial recognition tools.
British leaders' failure to more quickly choose and pursue a specific path for the nation's 5G rollout meant that ultimately, the decision got made for them, despite many security concerns persisting over the use of Chinese-built telecommunications gear.
Scammers are blackmailing users of infidelity-focused dating site Ashley Madison using leaked data from 2015, warns security firm Vade Secure. The sextortion shakedown is a reminder that while data breaches may be a blip for corporate entities, for individual breach victims, the impact may last forever.
The British government continues to delay deciding whether it will ban Chinese networking gear from its national 5G rollout, as the Trump administration demands. But with future trade deals on the line as the U.K. navigates its "Brexit" from the EU, Britain cannot afford to anger either Beijing or Washington.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.
Warning: Attackers wielding LockerGoga and MegaCortex ransomware have been hitting large corporate networks, sometimes first lingering for months. That's according to a new FBI flash alert, as reported by Bleeping Computer, which essentially tells would-be victims: Please, get your defenses in order now.
The gang behind Maze ransomware has begun publicly identifying its victims and listing data that it exfiltrated from systems before leaving them crypto-locked. The intent is clear: By naming and shaming victims, the Maze gang is trying to compel them to pay.
Black Hat Europe returned to London last week, featuring two days of briefings covering topics from cryptography and breach response to exploit development and application security. Plus, a packed business hall offered technical demonstrations. Here are visual highlights of the event.
The U.S. Federal Trade Commission has sanctioned data analytics firm Cambridge Analytica for misusing Facebook users' personal details as part of voter-targeting campaigns. Just one problem: The firm declared bankruptcy in May 2018. Meanwhile, voter microtargeting continues unchecked.
This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.