data protection - News, Features, and Slideshows

News

• Senate delays vote on CISA cyberthreat info sharing bill

  Privacy concerns have delayed a U.S. Senate vote on a controversial cyberthreat information-sharing bill until lawmakers return from a month-long recess.

• File sync services provide covert way to control hacked computers

  File synchronization services, used to accommodate roaming employees inside organizations, can also be a weak point that attackers could exploit to remain undetected inside compromised networks.

• Senate heads toward vote on CISA cyberthreat info sharing bill

  The U.S. Senate could take a preliminary vote as soon as Wednesday on a controversial bill intended to encourage businesses to share cyberthreat information with each other and with government agencies, despite concerns that the legislation would allow the widespread sharing of personal customer data.

• Opponents focus on defeating CISA cyberthreat info sharing bill

  Opponents of a U.S. Senate bill intended to encourage businesses to share information about cyberthreats may have stalled a vote on the legislation.

• Groups urge Obama to oppose cyberthreat sharing bills

  U.S. President Barack Obama should oppose legislation intended to let businesses share cyberthreat information with each other and with government agencies because the bill would allow the sharing of too much personal information, a coalition of digital rights groups and security experts said.

• NSA will lose access to 'historical' phone surveillence data Nov. 29

  The U.S. National Security Agency will lose access to the bulk telephone records data it has collected at the end of November, the Office of the Director of National Intelligence announced Monday.

• Even without breaches, don't count on websites to hide that you have an account with them

  Companies often fail to hide if an email address is associated with an account on their websites, even if the nature of their business calls for this and users implicitly expect it.

• EU air passenger data retention system ready for take-off, says Parliament

  Air passengers entering or leaving the European Union could soon have their personal details stored and shared among EU countries, after lawmakers voted Wednesday to move forward with the proposal.

• Software developers are failing to implement crypto correctly, data reveals

  Despite a big push over the past few years to use encryption to combat security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures in business applications.

• The government is falling behind on application security

  Government organizations are struggling when it comes to securing the computer software they use, which could partially explain the large data breaches reported in that sector over the past several years.

• US, UK spies said to attack security software

  Spies working for the U.S. National Security Agency and its British counterpart found anti-virus and security software a hindrance to their intelligence gathering processes, and worked to thwart it, according to a report Monday in The Intercept.

• Samsung to plug security hole on Galaxy smartphones

  Samsung will update the security software on its Galaxy smartphones to address a flaw that researchers warned could let attackers access people's devices.

• EU Council OKs contentious data privacy plan, pushing reform forward

  The EU Council has issued a long-awaited, hotly debated plan for online privacy, moving the EU's reform of data-protection laws closer to reality.

• Facebook's privacy problems in Belgium highlight weaknesses in EU legislation

  A Belgian privacy lawsuit targeting Facebook highlights the difficulties national regulators will face policing the activities of international Internet companies until new privacy laws are passed.

• Right to be forgotten applies to all Google domains, rules French privacy authority

  Google must respect the European Union's 'right to be forgotten' court ruling on all its sites, not just those it says target EU countries, the French data protection authority has ruled, giving the company 15 days to comply.