

Jon Gold
Senior Writer
Jon Gold covers IoT and wireless networking for Network World. He can be reached at jon_gold@idg.com.


Meta fined €17 million by Irish regulator for GDPR violations
In the wake of 12 data breaches reported in 2018, Facebook’s parent company hit with hefty fine for failing to follow GDPR regulations related to its ability to demonstrate data privacy protection practices.

SentinelOne to buy Attivo Networks for $617M, bringing ID-based security to XDR platform
Known as an endpoint protection vendor, SentinelOne is broadening its appeal by adding an identity-focused security layer to its Singularity XDR (extended detection and response) platform, in a $616.5 million deal.

SEC plans four-day cybersecurity breach notification requirement
The US stock market regulator wants to tighten reporting requirements for security breaches at publicly traded firms.

‘FragAttack’ flaws threaten Wi-Fi, but not too seriously
A set of vulnerabilities in Wi-Fi’s basic design offers a long-standing and widespread threat vector, but the probability of compromise remains low.

A year after terrorist attacks, phone privacy laws unchanged – but watch out for Trump
Although the perpetrators of the San Bernardino mass shooting were killed in a gun battle with law enforcement within hours of the attack, the FBI’s interest in one terrorist’s iPhone precipitated a public standoff with Apple that...

DNS provider Dyn gets DDoSed, takes out Twitter, GitHub and plenty others
Some of the biggest names on the internet – including Twitter, GitHub, Etsy, Spotify, the New York Times and the Boston Globe, among many others – were temporarily knocked offline by a DDoS attack that targeted DNS provider Dyn early...

Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones
A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and BBQ enthusiast who dubbed the vulnerability Pork Explosion.

Open-source vulnerabilities database shuts down
An open-source project dedicated to cataloguing a huge range of computer security flaws has closed its doors as of Tuesday, according to an announcement on the Open-Source Vulnerability Database’s blog.

Little Rock, Tampa, and St. Louis hardest-hit by malware among U.S. cities, study finds
Little Rock, Tampa, St. Louis, Orlando and Denver were the five American cities most affected by malware on a per-capita basis in 2015, according to a study released today by Enigma Software.

Google: Users still aren’t getting message about online security
Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.

Petition targets Apple over ‘spyware’ in OS X Yosemite
Apple should remove “spyware” from its new Yosemite release of OS X, according to an online petition that has received 14,450 signatures as of early Thursday afternoon.

Tor hints at possible U.S. government involvement in recent attack
Anonymity network hacked with sophisticated traffic correlation technique.
Mobile ads pose serious threat to enterprise security, report warns
Advertising libraries could reveal more than you bargained for.
Fake Android anti-virus app taken down
Virus Shield, by developer Deviant Solutions, was a handsome, apparently easy-to-use security app for Android devices. For $4, the app promised hassle-free, ad-free security for Android users, without impacting battery life or...
Firefox community roiled by Java crackdown
The Firefox web browser will, henceforth, require users to manually activate Java objects on sites that they visit, Mozilla has confirmed. The change is aimed at improving security and moving away from a dependence on proprietary...
Google's latest Penguin update lets you squeal on spammy websites -- as well as anyone else
The latest version of Google's sophisticated anti-spam algorithm, dubbed Penguin 2.0, was announced yesterday in an official blog post from the company's well-known webspam czar, Mike Cutts. The 2.0 label was applied, according to...
ESEA gaming client hijacks GPUs for Bitcoin mining
The co-owner of widely used computer gaming service ESEA has admitted that the company used its client software to mine bitcoins using customers hardware without their knowledge. Some ESEA users say that the unannounced activity...
Google Death: Inactive account manager helps you plan digital last will and testament
Google provided a somewhat morbid reminder of the increasing primacy of digital data in our lives with the release today of the euphemistically named Inactive Account Manager feature. The service allows users to customize what will...
Reddit co-founder calls out Google, Twitter, Facebook over CISPA
A co-founder of social news site Reddit has publicly urged the heads of Twitter, Google and Facebook to support efforts to defeat a controversial cyber security bill currently under consideration in Congress. Alexis Ohanian posted a...