After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
European privacy watchdogs say Google and other search engines must comply with "right to be forgotten" link-removal requests not just on their European sites, but across all of their sites, raising fears of EU censorship run amok.
A year after Facebook received a bug report regarding a loophole in its app architecture, the vulnerability remains exploitable, says the researcher who discovered this potential threat to user privacy.
A new U.K. government report accuses social networks of serving as a "safe haven for terrorists," inflaming what some see as tense relations in the post-Snowden era between the British government and Silicon Valley.
Apple CEO Tim Cook traveled to China in the wake of allegations that hackers are targeting Chinese iCloud users. The Chinese government has denied any involvement in the attacks, which can bypass the latest iPhone's stronger encryption.
Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
An important lesson to learn from the massive JPMorgan Chase breach is that banks can't just focus on protecting card data and online banking accounts; they also must protect their customers' personally identifiable information.
The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
Apple announces security and privacy changes tied to the release of iOS8, including better data encryption, more secure iCloud backups, and a corporate promise to be more transparent. But it delays release of its HealthKit.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
Google has launched a seven-city EU tour to discuss the so-called "right to be forgotten." But legal and privacy experts are debating whether Google is seeking an honest and open discussion, or trying to undermine a polarizing European court ruling.
The EU is expected to approve in October an updated data protection law that spells out uniform breach notification requirements, security expert Jacky Wagner explains. The measure would apply to any business that targets Europeans.