A week in security (May 6 – 12)
A roundup of security news from May 6–12, including breaches, privacy, financials, takedowns, and new ransomware tactics.
The top six takeaways for user privacy
Amidst never-ending data breaches and constantly-surprising company fiascos, here are six takeaways for anyone in the US who cares about protecting their online privacy.
The global data privacy roadmap: a question of risk
For any American company taking steps outside the US market, global data privacy compliance is a question of risk versus reward.
Google’s Nest fiasco harms user trust and invades their privacy
Last month, Google announced that its Nest Secure would be updated to work with Google Assistant software. The problem? Google never told users its product had a microphone to begin with. Simple oversight or invasion of privacy? We break it down.
Explained: Payment Service Directive 2 (PSD2)
PSD2 is coming to the EU. What is it? How will it be used? What are the implications? Many questions and some answers and recommendations.
Google Chrome zero-day: Now is the time to update and restart your browser
A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.
The not-so-definitive guide to cybersecurity and data privacy laws
In the first blog for Malwarebytes Labs’ cybersecurity and data privacy law series, we tackle US data privacy compliance from a startup’s perspective. GDPR, COPPA, HIPAA—it’s all here.
Spectre, Google, and the Universal Read Gadget
A recently released paper by Google has resurrected the spirit of Spectre, a seemingly never-ending threat to most makes of processor. We take a look at what this means, and what the Universal Read Gadget means for most technology users.
Will pay-for-privacy be the new normal?
As the US considers new data privacy laws, at least two new proposals include calls to exchange money for privacy—an unwelcome bargain for users. Before pay-for-privacy becomes law, privacy as a right should become industry practice.
Max Schrems: lawyer, regulator, international man of privacy
Almost 10 years ago, privacy advocate Max Schrems and the European Union began separate efforts to change the way the world thinks about online privacy. Thanks to them, we now have GDPR.