Attorney Stephen Wu of Silicon Valley Law Group

AI, Machine Learning and Robotics: Privacy, Security Issues

Marianne Kolbasuk McGee • December 6, 2019

The use of artificial intelligence, machine learning and robotics has enormous potential, but along with that promise come critical privacy and security challenges, says technology attorney Stephen Wu.

3rd Party Risk Management

To Survive a Data Breach, Create a Response Playbook

Latest

Artificial Intelligence & Machine Learning

8 Takeaways: Black Hat Europe's Closing 'Locknote' Panel

Mathew J. Schwartz • December 8, 2019

Security experts speaking on the ending "locknote" panel at this year's Black Hat Europe highlighted trends from the conference, including the rise of fuzzing, simplification via the cloud, increasing vendor transparency as well as the industry too often still failing to focus on the basics.

Account Takeover

Two Russians Indicted Over $100M Dridex Malware Thefts

Jeremy Kirk • December 6, 2019

Two Russian men have been charged with stealing more than $100 million from banks around the world using the notorious Dridex malware, according to an unsealed U.S. indictment that caps off a decade-long investigation led by American and British law enforcement agencies.

Critical Infrastructure Security

How the Adversarial Mindset Is Making Cybersecurity Better

Mathew J. Schwartz • December 6, 2019

Applying offensive hacking expertise and a more adversarial mindset to better hone not just network defenses but also public policy is proving effective, says Jeff Moss, founder and creator of the Black Hat conference.

Endpoint Security

Analysis: Smart TV Risks

Nick Holland • December 6, 2019

The latest edition of the ISMG Security Report offers an analysis of the FBI's security and privacy warnings about smart TVs. Also featured: discussions on the security of connected medical devices and strategies for fighting synthetic identity fraud.

Cybercrime

Skimming Campaign Leveraged Heroku Cloud Platform: Report

Akshaya Asokan • December 5, 2019

Several e-commerce sites were targeted with a card skimming campaign that used the Salesforce-owned Heroku cloud platform to host skimmer infrastructure and stolen credit card data, according to a new report from the security firm Malwarebytes.

Governance

GOP Federal Privacy Bill Would Supersede CCPA

Suparna Goswami • December 5, 2019

After several moves by Democrats to introduce federal privacy legislation, Republican Senator Roger Wicker on Tuesday unveiled a draft consumer privacy bill, the United States Consumer Data Privacy Act of 2019, that would override various state laws on privacy, including the California Consumer Privacy Act.

Endpoint Security

Cybersecurity Defenders: Channel Your Adversary's Mindset

Mathew J. Schwartz • December 4, 2019

A clear theme Wednesday throughout the first day of the Black Hat Europe conference was the importance of approaching the design and defense of networks and systems by thinking like the enemy.

Endpoint Security

FBI Warns of Smart TV Dangers

Jeremy Kirk • December 4, 2019

The FBI has a new suspect in its sights, and there's one in nearly every home: smart TVs. It warns consumers to be wary because the devices can pose privacy and security threats - an unsecured smart TV could be the avenue hackers use to gain access to a home network.

Application Security

FaceApp Could Pose 'Counter-Intelligence Threat': FBI

Akshaya Asokan • December 4, 2019

The Federal Bureau of Investigation warns that the photo-editing app FaceApp and other applications developed in Russia could be a "potential counter-intelligence threat" to the U.S.

3rd Party Risk Management

Analysis: Vendor Contract Changes Under CCPA

Suparna Goswami • December 3, 2019

Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.

Governance

TrueDialog Unsecure Database Exposes SMS Data: Report

Akshaya Asokan • December 2, 2019

Researchers uncovered an unsecured database belonging to TrueDialog, a business SMS texting solutions provider, which exposed data on millions, including text messages, names, addresses and other information, according to a report by VPNMentor researchers. The database has since been closed.

Application Security

Mixcloud Breach Affects 21 Million Accounts

Jeremy Kirk • December 2, 2019

Digital streaming platform Mixcloud says it's the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data on 21 million users is for sale in an underground market.