Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Investors aim to 'save' bitcoin exchange Mt. Gox

After suffering a massive bitcoin theft, the exchange faces liquidation of its assets in Japan.

Federal watchdog says SEC security issues put financial data at risk

Federal watchdog says SEC security issues put financial data at risk

According to the U.S. Government Accountability Office (GAO), SEC, among other lapses, failed to adequately oversee a contractor, which migrated its financial system to a new data center.

Contempt order against Lavabit still stands, appeals court rules

Contempt order against Lavabit still stands, appeals court rules

A federal appeals court backed an earlier ruling penalizing the email service.

Researchers uncover critical flaws impacting satellite communications

Researchers uncover critical flaws impacting satellite communications

Critical security issues that leave satellite communications vulnerable to being intercepted, manipulated or blocked were detailed in a white paper.

German Aerospace Center discovers spy malware on network

The possibly foreign malware affected all computer systems and left little for investigators to work from because it was designed to self-destruct.

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

New Wisconsin law restricts employer access to personal accounts

The law, Wis. Stat. Section 995.55, was enacted last week.

Kentucky becomes 47th state to pass data breach notification laws

After a Kentucky bill passed on Thursday, only three states remain that do not have any data breach notification laws.

Heartbleed bug not leveraged for surveillance, NSA says

Heartbleed bug not leveraged for surveillance, NSA says

After a Bloomberg article reported that unnamed sources indicated that the NSA knew of the major flaw and utilized it for surveillance purposes, the agency denied the claims.

Federal appeals court overturns conviction of AT&T hacker "weev"

A federal appeals court determined that New Jersey was the wrong venue to convict and sentence AT&T hacker Andrew "weev" Auernheimer.

DHS puts critical infrastructure on 'Heartbleed Bug' alert

DHS puts critical infrastructure on 'Heartbleed Bug' alert

This week, critical infrastructure operators were notified of potential threats arising from the critical OpenSSL flaw.

Canadian privacy bill floats $100k fine per breach victim not notified

Introduced Tuesday, the Digital Privacy Act includes stiff penalties for organizations that fail to adequately respond to breaches.

More states look into Experian co. breach exposing 200 million records

Efforts are now reportedly underway in Iowa and North Carolina as part of a multistate probe.

Judge denies Wyndham motion challenging FTC authority

Judge denies Wyndham motion challenging FTC authority

The court battle began when the FTC filed a 2012 complaint against hotelier Wyndham, accusing it of deceptive and unfair practices against consumers following data breaches.

Utah law shields electronic device locations and communication content

Under the reforms, state and local law enforcement must obtain search warrants to access electronic devices' location information and electronic communications content.

Connecticut, Illinois to investigate massive breach at Experian co.

Connecticut, Illinois to investigate massive breach at Experian co.

The breach struck Experian subsidiary, Court Ventures, and compromised the personal and financial data of more than 200 million Americans.

Google pays $1 million fine for Street View privacy violations

Google paid more than $1 million to Italy after a regulator found the company's Street View cars violated citizens' privacy by taking photos without their knowledge and permission.

Researchers uncover NSA tool, enables faster cracking of flawed algorithm used by RSA

Researchers uncover NSA tool, enables faster cracking of flawed algorithm used by RSA

Researchers have uncovered an NSA tool, known as "Extended Random," that enables the government agency to more quickly crack a flawed community-developed encryption algorithm.

Debate: Should Edward Snowden be granted amnesty?

In this month's debate, experts discuss whether whistleblower Edward Snowden should be granted amnesty.

Fandango, Credit Karma settle FTC charges of poor app security

Fandango, Credit Karma settle FTC charges of poor app security

The companies were accused of failing to securely transmit credit card data, Social Security numbers, and other sensitive data collected by their mobile apps.

Sony's insurer not required to back company over PlayStation hack, court rules

Sony and its insurer Zurich were embroiled in an immunity lawsuit for years.

Gov't snooping drives companies away from cloud adoption, study finds

Of the respondents participating in a just released survey, 33 percent indicated that they are less likely to adopt the cloud due to fears of government surveillance.

Univ. of Maryland hackers used trojan to steal IT credentials, access database

Univ. of Maryland hackers used trojan to steal IT credentials, access database

University President Wallace Loh told Senate members that the attackers cloaked their activity by using the Tor network.

Turkish court rules to end ban on Twitter

On Wednesday, a court in Ankara, Turkey overturned the government's ban on Twitter, according to a report by The New York Times.

President to propose legislation to halt bulk collection of phone data

President to propose legislation to halt bulk collection of phone data

Along with the White House's legislative proposal, the House Intelligence Committee also introduces its own bill tackling the NSA surveillance practice.

Feds tip off more than 3k companies about hacks in 2013

Federal officials notified more than 3,000 U.S. companies in 2013 that their computer networks were compromised, according to a report by the Washington Post.

Huawei responds to leaks detailing NSA hack of firm's networks

Huawei responds to leaks detailing NSA hack of firm's networks

Recent Snowden leaks allege that the NSA targeted Chinese telecom firm Huawei for corporate data, including product source code.

Obama and tech executives discuss privacy

The CEOs of Netflix, Dropbox, Facebook, Palantir and Boxs, as well as the executive chairman of Google, met with President Obama to vent concerns over government surveillance efforts and their repercussions in the tech industry.

NSA hacks system admins to gain access through gatekeepers, leaks reveal

NSA hacks system admins to gain access through gatekeepers, leaks reveal

Snowden leaks detail the agency's practice of going after the gatekeepers of networks to gather intel.

Twitter banned in Turkey

According to reports, the Turkish Prime Minister vowed in a speech to "eradicate Twitter."

"Gangs Beyond Borders" report charts Calif.'s battle with cyber crime

"Gangs Beyond Borders" report charts Calif.'s battle with cyber crime

On Thursday, California Attorney General Kamala Harris released the 118-page report on international criminal groups targeting the state.

Agency begins analysis of U.S. gov't surveillance programs

The Privacy and Civil Liberties Oversight Board plans to release a report on government programs later this year, and hosted a public meeting to kick off its research.

Plaintiffs denied class-action status in Gmail scanning lawsuit

In the case, plaintiffs accused Google of illegally scanning the contents of Gmail users' emails for targeted advertising purposes.

No employees fell for failed Army phishing test

An Army combat commander seeking to test employee awareness of phishing emails failed badly when he sent one out on his own and caused mass confusion - but no staffers fell for the fake scam, making it something of a success.

IBM to clients: No data, source code handed over to NSA

IBM to clients: No data, source code handed over to NSA

The software and IT services giant published an open letter to its clients on Friday.

Mark Zuckerberg calls President Obama over gov't snooping concerns

In addition to phoning President Obama, Facebook's CEO published his thoughts on the social networking site.

Syrian Electronic Army claims it obtained U.S. Central Command docs via hack

Syrian Electronic Army claims it obtained U.S. Central Command docs via hack

On Friday, the hacktivist group threatened to release the data, including "hundreds of documents" it obtained, in coming days.

HHS CISO talks new threat briefings, alerts for health industry

HHS CISO talks new threat briefings, alerts for health industry

On Thursday, Kevin Charest, the U.S. Department of Health and Human Services CISO, spoke to SCMagazine.com about the new initiative.

EU moves to pass data protection laws

The data laws passed a Parliament vote and now the 28 European Union members must give their accord.

Head of Senate intelligence group accuses CIA of hacking committee's computers

Sen. Dianne Feinstein divulged the information during a Tuesday speech on the Senate floor.

Snowden documents reveal massive malware-based NSA surveillance effort

Snowden documents reveal massive malware-based NSA surveillance effort

The NSA is using an automated system to infect millions of computers across the globe with malware that will enable all sorts of advanced surveillance, according to a report by The Intercept, based on Snowden documents.

Atlanta chain banned from using software to spy via rental computers

The Federal Trade Commission approved the final order on Tuesday, settling charges launched against rent-to-own chain Aaron's.

NSA ordered to halt plans to destroy phone data records

A federal judge ordered the National Security Agency (NSA) to stop destroying millions of phone records until at least March 19.

Health law needs reform, says provincial privacy watchdog

The Albertan Information and Privacy Commissioner has formally asked the government to amend the province's Health Information Act with mandatory breach reporting and notification measures.

NSA request to retain data over five years denied by FISA court

The NSA had requested that the court extend the retention period for phone records obtained through its controversial surveillance program.

Feds move to dismiss 11 charges against Barrett Brown

Brown, a writer and activist who is known as one of the online faces of Anonymous, faced charges related to sharing a link to a dump of credit card numbers connected to the Stratfor breach.

Court opinion shows Fla. police tracked hundreds of cell phones without warrants

A police department used a "stingray" cell phone tracking device without a judge-issued warrant to pinpoint a suspected criminal's location.

TrustyCon: Privacy advocates challenge government's sweeping data access

Privacy experts held a candid talk on government methods for obtaining citizen information, and on how the industry can help buffer unfettered data collection.

TrustyCon: Malware expert Mikko Hypponen kicks off conference on "trust"

In light of the RSA-NSA controversy, a number of speakers, who originally planned to speak at RSA Conference 2014, pulled out and formed a lineup for TrustyCon.

RSA 2014: Clarke, Hayden call for changes in intelligence-gathering

Cyber security guru Richard Clarke and General Michael Hayden discussed the much-maligned NSA spying program during the RSA Conference.

B-Sides SF: U.S. government a 'threat' to the future of encryption

Christopher Soghoian, of the ACLU (American Civil Liberties Union), concluded his speech at BSides San Francisco with the observation that developers building encryption models need to consider the US government a threat.

RSA 2014: Richard Clarke speaks on rebuilding trust with the NSA

Richard Clarke kicked off the CSA Summit 2014 by discussing his observations about the NSA surveillance controversy.

Closing the cyber security threat intelligence gap

Closing the cyber security threat intelligence gap

The need for cyber threat intelligence sharing is still vital, and with Congress sidelined, it's going to take leadership from the nation's corporate executives to make progress on this issue within the framework of our current laws.

NIST releases security framework for critical infrastructure

NIST releases security framework for critical infrastructure

On Wednesday, NIST published the 41-page guidance after months of feedback from the community.

Northern Ireland's DOJ fined more than $240k over data breach

Northern Ireland's Department of Justice has been handed a fine of more than $240,000 by the Information Commissioner for a data breach that involved the personal information of terrorist attack victims.

Snowden used web crawler to scrape gov't data

Whistleblower Edward Snowden used a simple and low-cost web crawler to tap into the troves of government data he leaked.

California lawmakers to propose mandatory "kill switch" installation

The new security implementation would be mandatory by Jan. 1, 2015. All phones sold in California after that date would have to have a kill switch installed.

Twitter asks for additional transparency on gov't data requests

Following the new rules regarding transparency reports by Department of Justice, the social media giant believes further information should be shared, and may seek legal options to protect its First Amendment rights.

French court requires Google to publicly admit privacy violation

Google must post a notice on its French homepage stating that it has been fined more than $200,000 for privacy violations.

New legislation empowers telecom companies in Turkey

New legislation empowers telecom companies in Turkey

A new bill approved by Turkish Parliament will ensure government control over the internet.

Hackers compromise NBC reporter's laptops, smartphone in Russia

An NBC News reporter set up two laptops and a smartphone in Russia to demonstrate Olympics cyber threats.

Report: U.S. officials suspect developers in Belarus compromised healthcare.gov

U.S. intelligence agencies were concerned that developers, with ties to Belarus, helped "produce the website," The Washington Free Beacon reported.

Report highlights results of Waking Shark II simulated cyber attack

The Bank of England has released the results of Waking Shark II, a Nov. 12, 2013, four-hour simulated cyber attack in London involving hundreds of financial institutions that was designed to test the city's cyber security readiness.

Senator releases report on government's poor security track record

In a Tuesday report, Sen. Tom Coburn noted numerous government oversights pertaining to securing sensitive data and critical infrastructure operations.

Study: 3 out of 4 defense contractors changed security practices in light of Snowden leaks

A security firm highlighted the ways that U.S. defense contractors have reassessed their security programs to stave off insider threats.

Chaos Computer Club sues German gov't for aiding NSA

European hacker association Chaos Computer Club is suing the German government for allegedly breaking the law and aiding foreign intelligence agencies to spy on citizens.

Tech experts look to establish facial recognition software guidelines

A group of technology industry experts will meet this Thursday to discuss facial recognition technologies and take the first steps toward establishing guidelines for future technology.

Top corporations release new data on government requests for info

Top corporations release new data on government requests for info

After winning a battle against the U.S. Department of Justice, some of the biggest technology and internet corporations began releasing updated transparency reports on Monday.

Threat of the month: Government agencies

Threat of the month: Government agencies

The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments.

A fine mess: Global data breach legislation

A fine mess: Global data breach legislation

Global consensus on data breach legislation is still evolving, but fear of brand damage is pushing reform, reports James Hale.

Advanced malware: The growing cyber menace

Advanced malware: The growing cyber menace

After a quiet year on the advanced malware front, we could soon see more activity, says the Atlantic Council's Jason Healey. Karen Epper Hoffman reports.

Canada agency zeroed in on traveler devices connected to airport Wi-Fi

Canada agency zeroed in on traveler devices connected to airport Wi-Fi

This time, Snowden leaks reveal the spy tactics of a communications intelligence agency in Canada, which leveraged Wi-Fi in a major airport to track travelers' comings and goings.

FBI alerts Ohio company of breach involving Social Security numbers

The FBI alerted Ohio-based State Industrial Products that the personal information of an undisclosed number of current and former employees may be at risk.

DOJ gets involved in Target breach investigation

The U.S. Department of Justice is investigating retail chain Target's recent data breach. U.S. Attorney General Eric Holder confirmed the department's involvement in a Senate Judiciary Committee hearing.

NSA hires first-ever privacy and civil liberties officer

The National Security Agency hired its first privacy and civil liberties officer this week in response to an order from President Obama.

Report: Microsoft calms Australian Parliament fears of NSA backdoor

The news comes in response to November claims that Parliament members' communications were being monitored by U.S. spies.

DOJ: Firms can disclose more info on gov't data requests

The news comes soon after President Obama called for the government to be more forthcoming about requests it makes for service provider data.

Email hackers and customers busted in worldwide operation

The FBI has arrested five United States email hacking operators and customers as part of a worldwide operation involving Romania, India and China.

Leaks reveal early NSA plans to extract data from popular mobile apps

Leaks reveal early NSA plans to extract data from popular mobile apps

Widely used apps, like Angry Birds, and mobile platforms for Facebook, Twitter and other social networking services, were a target for the NSA, leaks reveal.

Malware identified in attack against Israeli organizations

An advanced remote access trojan known as Xtreme RAT has been identified by Seculert Research Lab as the malware used in an attack on Israeli organizations that impacted 15 machines.

Russian lawmaker says Snowden's asylum may be extended

Edward Snowden's stay in Russian could be longer than expected after a Russian legislator alluded to the country possibly extending his asylum.

Verizon: 2013 law enforcement requests for consumer data top 320,000

Verizon is the first major carrier to publish a transparency report detailing federal, state and local requests for user data.

Companies settle over false data security framework compliance claims

The Federal Trade Commission has charged 12 companies with falsely claiming to comply with the U.S.-EU Safe Harbor Framework.

Report: Russia copies China's espionage "play book"

Researchers have revealed that Russia is behind hundreds cyber espionage campaigns targeting American, European and Asian companies.

Defect in Veterans Affairs eBenefits site results in data compromise

The Department of Veterans Affairs eBenefits website experienced a software defect that possibly resulted in a compromise of medical and financial information.

Obama calls to move trove of telephone data out of NSA's possession

On Friday, President Obama gave his attorney general and the NSA 60 days to determine how the trove of phone data will be held moving forward.

Target to testify at government data security hearing

Target, as well as law enforcement officials and other witnesses, will testify in front of the Commerce, Manufacturing, and Trade subcommittee in the first week of February to discuss data breaches and their effect on consumers.

Critical infrastructure cyber bill gets go-ahead from Homeland Security committee

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 was introduced last month in a bipartisan effort by four lawmakers.

Why wasn't healthcare.gov security properly tested?

Why wasn't healthcare.gov security properly tested?

Anyone designing a new system such as this should take security into account from the beginning. The amount of personal information that could be harvested by any breach is truly alarming.

Study highlights lax mobile security practices among gov't employees

In the study, 31 percent of respondents admitted to using public Wi-Fi on work-related mobile devices, while 52 percent failed to use multi-factor auth or data encryption methods to secure data.

Leaks detail NSA's arsenal for targeting disconnected computers

Leaks detail NSA's arsenal for targeting disconnected computers

Classified government documents revealed how the intelligence agency even targets computers not connected to the internet.

House passes bill that mandates two-day Affordable Care Act breach notification

The House of Representatives banded together to pass the Health Exchange Security and Transparency Act, which mandates two-day notification where PII is compromised under the Patient Protection and Affordable Care Act.

Study: NSA surveillance programs have done little to stop terrorism

National Security Agency surveillance has done little to stop terrorism, according to a study released on Monday by New America, a public policy institute.

Lawmakers demand answers from DOJ on Swartz's harsh prosecution

A year after his suicide, eight lawmakers have tapped the Department of Justice about unanswered questions regarding Aaron Swartz's "aggressive prosecution."

Obama and lawmakers meet to debate NSA metadata collection

President Barack Obama met yesterday with senior lawmakers to discuss ending the National Security Agency's surveillance of Americans' telephone records.

Credo Mobile first telecom firm to publish transparency report

Credo Mobile published its transparency report before major carriers Verizon and AT&T, which claimed reports from its companies would come early this year.

Calif. senators intro bill to stop state from aiding NSA spying

Calif. senators intro bill to stop state from aiding NSA spying

State agencies would be banned from helping warrantless snooping, along with corporations that provide services to the state of California.

Target breach spurs Vermont senator to reintroduce data privacy bill

A Vermont senator has once again brought a bill to Congress that, if passed, would establish a national standard for data breach notification, as well as toughen up penalties for computer hacking crimes.

News of NSA contract rouses speaker dropouts at RSA conference

News of NSA contract rouses speaker dropouts at RSA conference

The RSA Conference is set to convene the last week in February, but several respected researchers and experts have canceled their appearances.

Sign up to our newsletters

POLL