Facebook says it has suspended tens of thousands of apps as part of its ongoing investigation into data misuse that grew out of the Cambridge Analytica scandal. The company won't disclose the affected apps, but an unsealed court filing says it has suspended 69,000.
Artificial intelligence technologies that provide surveillance capabilities can have upsides as well as downsides. Unfortunately, as developers and governments rush to experiment, security, privacy, data protection and liability questions remain unanswered.
The FBI has issued hundreds of subpoenas to major banks, the big three credit rating agencies and other corporations as part of an ongoing counterterrorism program that collects personal and financial data, the New York Times reports.
Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ.
Russian national Andrei Tyurin, who was extradited last year from Eastern Europe to the United States, has stated that he plans to accept a plea deal he's reached with federal prosecutors. Tyurin has been charged with numerous crimes, including hacking JPMorgan Chase and stealing 83 million customer records.
Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 stolen payment card records have turned up in underground markets, says Gemini Advisory.
The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir. Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues.
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights.
The crypotmining botnet Smominru, which has been around since at least 2017, has resurfaced with a new campaign that has infected 90,000 devices worldwide, including in the U.S., China and Russia, according to security analysts at Guardicore.
A hacker group called Tortoiseshell has been hitting targets in the Middle East since at least July 2018, apparently targeting IT service providers to gain access to many potential targets at once. The campaign is fresh proof that criminals and nation-state attackers alike continue to favor supply chain attacks.
Phishing incidents have had a big impact on members of Albuquerque, New Mexico-based Presbyterian Health Plan in recent weeks. Two separate, apparently unrelated, attacks potentially exposed a wealth of information on plan members.
Facebook announced this week that it has removed hundreds of fake accounts and pages. The majority of these originated in Ukraine or Iraq and used phony user identifications to spread misinformation in an attempt to influence local politics, the company says.
U.S. Senators Chuck Schumer, D-N.Y., and Tom Cotton, R-Ark., are asking the Federal Communications Commission to reconsider operating licenses granted to two Chinese telecommunications companies, citing concerns over national security and foreign espionage.