February 1, 2012 - As legislators grapple with increasingly vocal smartphone owners concerned with privacy, a new Bill before the U.S. House of Representatives aims to require mandatory consumer consent prior to allowing the collection or transfer of data on such devices. You may recall (continue reading...) Read more
January 23, 2012 - In an escalation of the tendency to require companies to be forthright with their users following a breach, a European Union proposed bill intended to overhaul a 17-year old law is making progress. This week EU will outline the overhaul (continue reading...) Read more
January 17, 2012 - We read that Zappos.com was breached on Sunday, to the tune of 24+ million users’ worth of information. But it seems at first blush they responded well. Of course, a company would hope to never have a breach at (continue reading...) Read more
December 30, 2011 - Newton's 3rd law is often stated as "for every action there is an equal and opposite reaction." Actually, what Newton actually said is a little more complex* than that, but this article isn't about physics (or else I'd leave (continue reading...) Read more
December 29, 2011 - Recently we noted that unencrypted credit card storage was on the rise in 2011, and also highlighted the expense involved to the company in the event of a credit card breach. Now we see personal data – including (continue reading...) Read more
December 14, 2011 - In 2011 we saw an increase concern about, and scrutiny of, what exactly social networking sites do with the data you input, both internally as well as what gets shared with third parties. But in 2012 some of that scrutiny (continue reading...) Read more
December 13, 2011 - A phishing campaign targeting users of Telstra Bigpond, Australia's largest ISP, is urging users to confirm their billing information or risk suspension. All pretty run-of-the-mill, but neatly timed given that Telstra suffered a data breach of customer information last Friday. (continue reading...) Read more
December 6, 2011 - We bought a stash of USB keys at a major transit authority's Lost Property auction, and took a look at the sort of information people leave on the train. Two-thirds of the keys were infected with malware, and nothing on any (continue reading...) Read more
December 1, 2011 - Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. (continue reading...) Read more
November 10, 2011 - Steam, the online empire of computer game behemoth Valve Corporation, has issued details of the hack it suffered last weekend. If you're a Steam user, find out what you should be doing next... (continue reading...) Read more
November 2, 2011 - ESET's Threat Report for October has just gone up on the ESET Threat Center page. Apart from information on the Top Ten Threats of the month, it also includes: An article by ESET Ireland's Urban Schrott on how (continue reading...) Read more
October 18, 2011 - We see yet another breach hitting the headlines from a Massachusetts Healthcare Service provider, Spectrum Health Services. It seems during a break-in a hard drive was stolen, which contained names, addresses, phone numbers, dates of birth, Social Security numbers, (continue reading...) Read more
October 5, 2011 - Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb (continue reading...) Read more
September 26, 2011 - Unless you specifically cancel the 2-way communication aspect, the default setting will be to continue a communication link to OnStar once the subscription expires, raising the ire of customers who wonder what the company does with the data. OnStar says (continue reading...) Read more
September 23, 2011 - This morning we recorded a podcast posing the question “can legislation solve cybercrime?” Well, The Senate Judiciary Committee seems eager to play a part, passing a measure yesterday attempting to thwart computer attacks. Measure S.1151 sets a national standard for (continue reading...) Read more
September 22, 2011 - Google+ seems to be continuing building steam and putting itself on the map as a contender, not merely an also-ran to the Facebook behemoth. Part of its strategy is to enforce the use of real names, not just the more (continue reading...) Read more
September 22, 2011 - Since 2010 that is, following a law enacted in 2007 that requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. Attorney General Martha Coakley’s office (continue reading...) Read more
September 21, 2011 - One of the recurring themes of the past few years in the UK is data lost by the public sector on USB drives, CDs and so on. The National Health Service seems to have been particularly prone to this sort (continue reading...) Read more
September 15, 2011 - Following the recent spree of data breaches at Sony, resulting in a bevy of class-action lawsuits, it has updated the Terms of Service to preclude future class action suits from being leveled. To be sure, Sony has had sleepless nights (continue reading...) Read more
August 25, 2011 - July and August - summer in the Northern Hemisphere, especially in Nevada and California - often produce some interesting and unusual computer security research. This is when (continue reading...) Read more