The social network LinkedIn has agreed to settle a consolidated class action lawsuit stemming from a June 2012 data breach that compromised 6.5 million hashed passwords. Find out the financial details of the settlement.
A proposed German cybersecurity law would require critical infrastructure organizations to disclose all significant security incidents. Legal experts say the proposal signals Germany's attempt to take a leadership role at the EU level.
White House Cybersecurity Coordinator Michael Daniel is under fire for perceived 'bragging' about his lack of technical expertise. But was Daniel, in fact, bragging? And is he off base in saying his job doesn't require deep technical experience?
The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
A U.S. federal court judge has upheld a warrant requiring Microsoft to give the Justice Department copies of e-mails being stored at a data center in Dublin. But Microsoft plans to appeal the ruling on privacy grounds.
eBay faces a class action lawsuit stemming from an early 2014 breach that resulted in 145 million customers having their personal information compromised. The suit contends the breach was the result of the company's "inadequate security."
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
A controversial U.K. "emergency" surveillance bill has become law, just seven days after being introduced to Parliament. But a privacy rights group has already promised to challenge the new law in court.