Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
Australia's data regulator has found that Uber interfered with the privacy of 1.2 million of its customers as a result of a 2016 global data breach. Uber says it's made improvements to its systems and its internal security policies.
Global research uncovers IT security leaders’ key strategies for cloud complexity, remote work and supply chain attacks.
Security organizations have always been hard-pressed to keep up with the rising tide of data, the ever-expanding perimeter, and the increasing frequency and sophistication of attacks. Our...
Following revelations that commercial spyware vendor NSO Group was able to exploit the latest model of the Apple iPhone to install surveillance software, experts describe how Apple could be doing more to lock down its iOS mobile operating system as well as curtail attacks by making them much costlier to run.
A proposed $2.7 million settlement has been reached in a lawsuit filed against the University of Pittsburgh Medical Center in the wake of a 2014 data breach that exposed tens of thousands of employees' personal information and resulted in tax fraud.
Can NSO Group and other commercial spyware vendors survive the latest revelations into how their tools get used? The Israeli firm is again being accused of selling spyware to repressive regimes, facilitating the surveillance of journalists, political opponents, business executives and even world leaders.
Many security experts and analysts are applauding the U.S. for calling out China's cyber behavior, especially after the White House had focused so much attention on Russia's cyber activities. But some are calling for bolder action.
The leaking of an alleged target list of 50,000 individuals, tied to users of NSO Group's Pegasus spyware, has prompted questions over the scale of such surveillance operations, if the use of commercial spyware gets sufficiently policed and whether the sale of spyware to certain countries should be blocked.
Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in February that resulted in unauthorized access to certain data about its clients.
Security researchers identified flaws in messaging app Telegram's cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Two states have recently taken steps to bolster cybersecurity and data privacy protections. Connecticut has enacted a law designed to give certain legal protections to businesses that adhere to cybersecurity frameworks. And a new data privacy law in Colorado allows individuals to opt out of data collection.
The insurance company CNA Financial Corp. has acknowledged that the cyber incident the company sustained in March was a ransomware attack and that it has notified 75,000 individuals that their data may have been compromised