Europol, the EU's law enforcement intelligence agency, and the European Commission are launching a new decryption platform to help law enforcement agencies decrypt data that has been obtained as part of a criminal investigation, a move seen as an alternative to weakening encryption.
Lawmakers are pressing government agencies for answers following disclosures this week about an advanced persistent threat group's massive hacking campaign involving compromised SolarWinds Orion network management software. Secretary of State Mike Pompeo said Friday Russians "engaged in this activity."
A 4GB data archive belonging to Panasonic India has been released by a hacker who waged an extortion plot. The company says no highly confidential data was revealed, but a look at the data suggests otherwise.
The U.S. Federal Communications Commission has upheld its designation of Chinese telecom company Huawei as a national security threat, rejecting the firm's appeal of the ruling. Meanwhile, it's starting proceedings that could revoke China Telecom's permission to provide communications services within the U.S.
Permanent Account Numbers and other personally identifiable information of 7 million debit and credit cardholders in India are circulating on darknet discussion forums, an independent security researcher has discovered.
Another federal judge is blocking the Trump administration's attempt to ban the Chinese-made social media app TikTok from being used in the U.S. The White House claims that the data the app collects on American users poses a national security threat.
France's privacy regulator has hit retail giant Carrefour with a $3.7 million fine for violating privacy laws, including GDPR. It's accused of failing to make privacy policies easy to understand, placing advertising cookies without consent and retaining customer data for unreasonable periods of time.
This edition of the ISMG Security Report features an analysis of a serious Apple iOS "zero-click exploit" that could have allowed hackers to remotely gain complete control of a device. Also featured: a discussion of identity proofing challenges and a review of New Zealand's updated Privacy Act.
Microsoft is revamping its controversial "productivity score" in Microsoft 365 so that individual workers can no longer be tracked. The move follows warnings by privacy advocates that the feature was a step too far into the realm of workplace surveillance.
Twenty-five countries are likely using spyware sold by a company called Circles that can snoop on mobile phone calls and text messages, according to The Citizen Lab, a research organization based at the University of Toronto.
Social media poses special risks for minors. Data scientist David Stier, who has discovered leaks of minors' personally identifiable information on Instagram, shares insights on how social media companies should better protect PII.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
Google removed two Android apps made by Baidu, a Chinese company, from its Google Play store after security researchers found they were collecting and possibly leaking data that could have been used to track individuals.
In the continuing effort to counter rising cyberthreats, India will roll out the latest version of its proposed Data Protection Bill by early 2021, says Lt. Gen. (Ret.) Rajesh Pant, the national cybersecurity coordinator at the Prime Minister's Office.