Nate Raymond reports: The FBI views companies hit by cyber attacks as victims and will not rush to share their information with other agencies investigating whether they failed to protect customer data, its chief said Wednesday. Christopher Wray, director of the Federal Bureau of Investigation, encouraged companies to promptly report when they are hacked to…
Spy v. Spy: An NSA Leak Reveals the Agency’s List of Enemy Hackers
Andy Greenberg reports: When the still-unidentified group calling itself the Shadow Brokers spilled a collection of NSA tools onto the internet in a series of leaks starting in 2016, they offered a rare glimpse into the internal operations of the the world’s most advanced and stealthy hackers. But those leaks haven’t just let the outside world…
Hackers can use Cortana to open websites on Windows 10 even if your PC is locked
Tristan Greene reports: A pair of independent researchers yesterday uncovered a particularly worrisome security vulnerability in Microsoft’s Windows 10. If your PC’s OS was installed with default settings this could affect you. The simple “hack” involves activating Cortana via voice command to open websites on a PC that’s been locked. Read more on TNW.
Alabama Senates Passes Data Breach Notification Act
Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
Researchers Discovered Data Leak In Facebook’s Ad Software
Steven Melendez reports: A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of scientists revealed in a paper presented last week. Facebook, which awarded the researchers a $5,000 bug bounty, has since taken steps to thwart similar attacks, and neither…
Settlement proposed in Yahoo data breach securities litigation
Judy Greenwald reports: An $80 million settlement has been proposed in a securities class litigation filed in connection with Yahoo Inc. data breaches in 2013 and 2014. The proposed settlement in In re Yahoo Inc. securities litigation, filed in U.S. District Court in San Francisco on Friday, was publicized Monday. In December 2016, Yahoo announced…