Did the gang behind GandCrab fake its retirement? Security experts say there's mounting evidence that the operators of the notorious ransomware-as-a-service operation only announced their retirement after ramping up the rival Sodinokibi/REvil service.
Airports across the globe are increasingly leveraging facial recognition technology to verify and authenticate passengers. But some privacy advocates have raised concerns, especially in India, where several airports are ramping up facial recognition programs.
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.
A newly discovered remote access Trojan called Dtrack has been targeting banks in India for well over a year, Kaspersky researchers say. The malware, which can steal data from ATMs and doubles as a cyberespionage tool, appears to be linked to North Korea's Lazarus Group.
A week after the Emotet botnet crept back to life, the attackers behind it are already trying a new way to ensnare victims - using Edward Snowden's newly released memoir as a phishing lure, according to the security firm Malwarebytes.
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S. financial services firms and others from 2012 to mid-2015. Victims included JPMorgan Chase, from which he stole details of 83 million customer accounts.
Malindo Air in Malaysia is blaming a recent data breach that exposed the personal information of millions of passengers on two former employees of a third-party supplier to the airlines. Customers of a sister company, Thai Lion Air in Thailand, were also affected, according to Reuters.
Facebook says it has suspended tens of thousands of apps as part of its ongoing investigation into data misuse that grew out of the Cambridge Analytica scandal. The company won't disclose the affected apps, but an unsealed court filing says it has suspended 69,000.
A misconfiguration in a Google Calendar function that allows Google to index calendars raises serious privacy concerns because it could lead to inadvertent, broad public exposure of calendars that contain sensitive information, including corporate details, a researcher reports.
Rear Admiral Mohit Gupta, who was recently appointed chief of India's new Defense Cyber Agency, has made a series of recommendations for top action-items. But will the government actually carry out his priorities?
Artificial intelligence technologies that provide surveillance capabilities can have upsides as well as downsides. Unfortunately, as developers and governments rush to experiment, security, privacy, data protection and liability questions remain unanswered.
Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ.
Russian national Andrei Tyurin, who was extradited last year from Eastern Europe to the United States, has stated that he plans to accept a plea deal he's reached with federal prosecutors. Tyurin has been charged with numerous crimes, including hacking JPMorgan Chase and stealing 83 million customer records.