Microsoft will pay $20 million to settle a U.S. federal investigation into whether the computing giant violated children's privacy protections during the XBox Live registration process. The Federal Trade Commission accused the company of a slew of infractions.
Microsoft says an affiliate of the Russian-speaking Clop ransomware gang is behind a rash of attacks exploiting a recently patched vulnerability in Progress Software's MOVEit application. Known victims include British payroll provider Zellis, which says eight corporate customers were affected.
Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.
Artificial intelligence poses a global risk of extinction tantamount to nuclear war and pandemics, say a who's who of artificial intelligence executives in an open letter that evokes danger without suggesting how to mitigate it. Among the signatories are Sam Altman and Geoffrey Hinton.
Amazon agreed to pay $5.8 million to settle a Federal Trade Commission investigation into allegedly poor cybersecurity practices by its Ring home surveillance device subsidiary. The company is also poised to come under two decades' worth of outside reviews of a mandated data and security program.
A Chinese state hacker has targeted critical infrastructure in Guam and the United States with the likely intent of cyberespionage and maintaining long-term access. Microsoft dubbed the threat actor "Volt Typhoon" on Wednesday in a coordinated disclosure with the U.S. government and close allies.
Apple is patching actively exploited zero-day flaws in its browser rendering engine for mobile devices, and one cybersecurity firm says the vulnerabilities are likely evidence of takeover attacks. Two of the bugs were the subject of Apple's first-ever Rapid Security Response.
The Federal Trade Commission's proposed changes to its 14-year-old Health Breach Notification Rule come at a time when some advocates say stronger consumer data privacy protections are needed. But will the FTC potentially face legal challenges to its authority to make these sweeping changes?
A Russian man the U.S. government says was a key actor in Russian ransomware hacking faces federal criminal charges and economic sanctions. A $10 million reward is out for information leading to his arrest. Mikhail Matveev, aka "Wazawaka," was a key figure in the Babuk ransomware-as-a-service gang.
The chief executive of the company behind generative artificial intelligence tool ChatGPT called for global regulations, including licensing, in testimony before a U.S. congressional panel. The Biden administration is already investigating mechanisms to ensure an "AI accountability ecosystem."
Nickolas Sharp, a one-time employee of Ubiquity who pleaded guilty to insider hacking received Wednesday a six year prison sentence. He admitted guilt on Feb. 2 to three criminal counts including transmitting a program to a protected computer that intentionally caused damage.
A U.S. federal appeals court sided with a company that simulates iPhones for security researchers after Apple sued, claiming copyright infringement. The court dismissed a claim that the company had infringed its copyright over iOS and remanded two other claims related to icons and wallpapers.
Joe Sullivan, the former chief security officer of Uber, will not spend time in prison for his role in impeding a federal investigation into the ride-hailing company's security practices. His sentence is three years of probation and a $50,000 fine.
U.S. authorities revealed the Russian man behind a two-decade span of abetting cybercriminals' theft of credit cards, dismantled his online infrastructure and offered a hefty reward for information leading to his arrest. Prosecutors say the man, Denis Kulkov, ran a service now known as Try2Check.
The U.S. Federal Trade Commission is seeking tougher sanctions for Facebook after determining that several gaps exist in the company's compliance with a 2020 consent decree mandating privacy improvements. The company will have 30 days to respond and could challenge tougher privacy rules in court.