Developers are expected to level-up their baked-in security measures, but that’s easier said than done. Here are some helpful tips.

TikTok executives met with British policy advisers last Monday, but attendees told the WSJ they remained skeptical of its ability to protect data.

It has become clear that there is little clarity in the law about the obligations an employer owes to its current and former employees

A Chinese city says it has destroyed a billion pieces of personal data collected during the pandemic, as local governments gradually dismantle their coronavirus surveillance and tracking systems after abandoning the country's controversial zero-Covid policy.

New details reveal that Beijing-backed hackers targeted the Association of Southeast Asian Nations, adding to a string of attacks in the region.

The White House on Thursday released an ambitious national cybersecurity strategy that calls for new federal regulation of vulnerable critical infrastructure firms and for software makers to be held liable when their products leave gaping holes for hackers to exploit.

The social media site says that a phishing incident led to the theft of company data but that user data is safe. Reddit says that it was hacked earlier this month, in a security incident that compromised some company data. However, the company says that Redditors have no need to fear because user data was not impacted by the episode—at least, that the company knows of...“so far.”

Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s intranet portal in an attempt to steal credentials and two-factor authentication tokens.

A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' has been shared publicly on a hacking forum. BleepingComputer has confirmed the list is the same TSA No Fly list that was discovered recently on an unsecured CommuteAir server.

CAP-M AI will be used to test and learn about cyberthreats

Multiple bugs affecting millions of vehicles from almost all major car brands could allow miscreants to perform any manner of mischief — in some cases including full takeovers — by exploiting vulnerabilities in the vehicles' telematic systems, automotive APIs and supporting infrastructure, according to security researchers.

Major security flaws have been found in Mercedes, Ferrari, and other top luxury cars which could have allowed threat actors to steal the owners’ personally identifiable information, track their vehicles, and in some cases - even unlock and start the cars. Almost two-dozen car brands were affected by the flaws, including top brands such as BMW, Roll Royce, Mercedes-Benz, Ferrari, Porsche, Jaguar, Land Rover, Ford, KIA, Honda, Infiniti, Nissan, Acura, Hyundai, Toyota, and Genesis.

IN AUGUST, THE internet infrastructure company Cloudflare was one of hundreds of targets in a massive criminal phishing spree that succeeded in breaching numerous tech companies. While some Cloudflare employees were tricked by the phishing messages, the attackers couldn't burrow deeper into the company's systems.

Congress passed a large spending package that includes a bill banning TikTok from being used on government devices and new filing fees for mergers.

It’s been two weeks since we reported that Anker’s Eufy lied to us about the security of its security cameras, and we’ve been pushing the company for answers ever since. But the company hasn’t answered a single one of our questions — in fact, I haven’t gotten a single reply since December 1st. Today, on a whim, I thought I’d take a peek at Eufy’s website... maybe find some answers there? Instead, I found that Anker has quietly scrubbed all of its most promising privacy promises from its “privacy commitment” page. It got nerfed — hard.

Is the Government Monitoring you based on the features of your face? The goal of developing facial recognition software is to usher in a new era in which every person who goes out into public spaces may be identified, followed, and filmed as they go about their everyday routines. The government and its business partners are able to identify people and follow their activities in real-time with the use of face recognition technology. This technology works in conjunction with the widespread use of surveillance cameras around the nation.

Democrats and Republicans don't agree on much these days, but have joined forces to unveil bipartisan legislation that would ban TikTok across the US. Representatives on both sides of the political divide in the House of Representatives and Senate have spoken out against what they perceive as a threat to national security.

Google's Project Zero team said it had alerted the chip designer ARM about the GPU bug, and the British chip designer had fixed those vulnerabilities.

CISA says organizations that haven't yet patched VMware systems against Log4Shell should "assume" that they've already been breached.

Kaspersky is stopping the operation and sales of its VPN product, Kaspersky Secure Connection, in the Russian Federation, with the free version to be suspended as early as November 15, 2022. As the Moscow-based company informed on its Russian blog earlier this week, the shutdown of the VPN service will be staged, so that impact on customers remains minimal.