It appears the FTC has obliged U.S. officials and begun investigating the data security practices of DNA testing companies like 23andMe and Ancestry.com.
Facebook in hot water again, malware hits Rhode Island, regulation for data brokers, and more - catch up on the week's infosec news with this roundup!
Researchers warned Wednesday that VPNFilter, the strain of potentially destructive malware uncovered last week, can infect more devices than previously thought. It also has the ability to intercept network traffic and deliver malicious payloads via a man-in-the-middle attack.
The Electronic Privacy Information Center (EPIC) urged the government's Consumer Product Safety Commission to regulate IoT products in a letter this week.
A set of vulnerabilities dubbed "EFAIL" affect encryption standards like PGP and S/MIME and could reveal the plaintext of encrypted emails sent in the past.
Apple has reportedly begun removing apps from the App Store that share location data with third parties but fail to obtain a user's consent.
The FBI said this week that Business Email Compromise (BEC) scams in 2017 resulted in a loss of $675M, a big jump from the year prior, when they were responsible for a loss of $360M.
Amazon followed in Google's footsteps this week in banning domain fronting, a technique that allows app and site developers to evade censorship.
A Chrome extension has been removed from Google's webstore that was found spreading through Facebook, stealing passwords and cryptocurrency.
Zero days, cyber takedowns and more -- catch up with the week's infosec news with this roundup!