Tag Archives | Security

China’s New Cybersecurity Program: NO Place to Hide

from China Law Blog The Chinese government has been working for several years on a comprehensive Internet security/surveillance program.  This program is based on the Cybersecurity Law adopted on 2016. The plan is vast and includes a number of subsidiary laws and regulations. On December 1, 2018, the Chinese Ministry of Public Security announced it […]

Continue Reading 17

Google Play Apps Laden With Ad Malware Were Downloaded By Millions Of Users

from ars technica This week, Symantec Threat Intelligence’s May Ying Tee and Martin Zhang revealed that they had reported a group of 25 malicious Android applications available through the Google Play Store to Google. In total, the applications—which all share a similar code structure used to evade detection during security screening—had been downloaded more than […]

Continue Reading 25

Recent Decision: D.C. Circuit Rules That OPM Breach Victims Have Standing to Sue

from Lawfare With data breach incidents on the rise, federal courts are grappling with the issue of standing in class action lawsuits arising from data breaches. As Lawfare has covered previously, there is arguably a circuit split over whether plaintiffs can establish an “injury in fact,” one of three constitutional standing requirements, on the grounds […]

Continue Reading 8

Encrypted DNS Could Help Close the Biggest Privacy Gap on the Internet. Why Are Some Groups Fighting Against It?

from EFF Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption. Because of this, anyone along the […]

Continue Reading 4

Password1, Password2, Password3 No More: Microsoft Drops Password Expiration Rec

from ars technica For many years, Microsoft has published a security baseline configuration: a set of system policies that are a reasonable default for a typical organization. This configuration may be sufficient for some companies, and it represents a good starting point for those corporations that need something stricter. While most of the settings have […]

Continue Reading 4

What Every VPN Provider Is Missing

from Fast Company I don’t know a lot about security, but I do know that when I use public Wi-Fi—whether on my phone, tablet, or laptop—I should be protecting my traffic with a virtual private network. For those unfamiliar with VPNs, the concept is basically that you use a simple piece of software to open […]

Continue Reading 1

A Hardware Privacy Monitor for iPhones

from Schneier on Security Andrew “bunnie” Huang and Edward Snowden have designed a hardware device that attaches to an iPhone and monitors it for malicious surveillance activities, even in instances where the phone’s operating system has been compromised. They call it an Introspection Engine, and their use model is a journalist who is concerned about government […]

Continue Reading 4

No Business Too Small to Be Hacked

from NYTs Just as the holiday shopping season neared, a toy company, Rokenbok Education, was navigating a nightmare situation: Its database files had been infected by malware. Online criminals had encrypted company files, making them unusable, and were demanding a hefty ransom to unlock the data. Rokenbok, a California-based company that uses building blocks and even […]

Continue Reading 14