Unless you’ve been living under a rock this entire time, you’ve probably heard and already been blasted with emails related to GDPR, the EU’s data privacy regulation. Companies must keep customers informed about how their data is processed and assure them that they will from now on do their best to protect it. Apple is one of the companies trying to comply with GDPR that goes into effect tomorrow, May 25. The company has released the Data and Privacy portal where you have access to everything Apple knows and stores about you, including online history, Apple ID accounts, iCloud data, contacts, photos, documents, music and store history. Once they log in, users have clear instructions how to download their data. Because they can download as much as 25GB, the download process may take as much as a week. If interested in the data, users are advised to hurry with the download because otherwise the data will be deleted from Apple’s database in two weeks. Since users will most likely downlo..

A citizen of the former USSR who had been living in Riga, Latvia faces three charges related to his operation of “Scan4you,” an online counter-antivirus service that helped hackers dodge anti-malware solutions, the US Department of Justice has announced. Court records reveal that, between 2009 and 2016, 37-year-old Ruslans Bondars operated Scan4you, a service that allowed malware developers to scan their malicious code against known AV solutions protecting millions of systems owned by major U.S. retailers, financial institutions and government agencies. For instance, Scan4you helped the author of a credit card heist who made off with approximately 40 million credit and debit card numbers, as well as some 70 million addresses, phone numbers and other personal data of U.S. citizens. One retailer, particularly badly hit by the operation, suffered damages of $290 million. The bad actors behind Citadel, a malware strain used to infect over 11 million computers worldwide, also leveraged S..

A survey of over 500 security professionals has revealed, rather disconcertingly, that most believe governments should regulate the way social networks handle our data, and even install encryption backdoors to that end. At the same time, most experts also berate governments for their lax understanding of social media and digital privacy. Deeply contrasting results were revealed by the survey conducted by Venafi at RSA Conference 2018, with the help of 512 industry professionals willing to answer questions about the current state of affairs in cyber security. Surveyors wanted to learn how industry experts view the increasingly blurry lines between cyber security, privacy threats and government regulation. So they asked participants: should governments regulate the collection of personal data by social media companies? Some 70% of respondents said governments should indeed regulate social media companies’ collection of personal data to protect user privacy. Meanwhile, 72% said bureauc..

If you believed all the headlines you would think the problem is more serious than it really is. “Beware the ‘Black Dot of Death’ that will obliterate your iPhone with one text message”, reads The Metro newspaper. “Warnings about WhatsApp ‘text bomb’ that could destroy your phone.” says the Liverpool Echo. And “This WhatsApp ‘text bomb’ is destroying recipient’s phones” claims the Birmingham Mail. Yes, it is true that so-called “text bomb” vulnerabilities are capable of crashing normal operations on your Android or iPhone, but to claim that your phone is “destroyed”? Well, that’s crazy. The problem first emerged six days ago, when a Reddit user claimed that a specially-crafted text message could crash a number of messaging apps including WhatsApp. At first sight that message looks fairly harmless – a sentence followed by a laugh-until-you-cry emoji, surrounded by quotation marks. But secretly hidden between the emoji and the final quote mark are thousands of hidden characters that..

IBM is banning all removable storage, company-wide, in a new policy that seeks to avoid financial and reputational damage stemming from a misplaced or misused USB drive. IBM global chief Information security officer Shamla Naidoo told staff in an internal e-mail that the company “is expanding the practise of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” Although some departments already had this policy in place for a while, “over the next few weeks we are implementing this policy worldwide,” Naidoo said, according to The Register. The reason for the radical new policy is simple and well justified in a world laden with data breaches: “the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimized,” the CISO clarified. Avid readers will remember that Stuxnet was written to “hop” from terminal to terminal through USB drives moving between them as attack vectors...