A security flaw in WPA2, the security protocol for most modern WiFi systems, could allow an attacker to steal sensitive data including emails, credit card numbers and passwords, Researchers at Belgian university KU Leuven reported Monday. Depending on the network configuration, the flaw also could allow an attacker to inject or manipulate information in the system.

Apple's use of facial recognition to unlock its iPhone X may open the gates for developers champing at the bit to bring the technology to the Android world. Face ID, which will replace fingerprint scanning in Apple's new iPhone X, uses Apple's TrueDepth 3D camera to verify the owner of a phone. Android developers have been working on similar systems, said Sensible Vision CEO George Brostoff.

Malicious code has been discovered in two versions of Piniform's CCleaner housekeeping utility, the company disclosed on Monday. Piniform is owned by Avast, whose security products are used by more than 400 million people. The malware infecting CCleaner could give hackers control over the devices of more than 2 million users. CCleaner is designed to rid computers and mobile phones of junk.

In a rare move, the U.S. Federal Trade Commission on Thursday confirmed that it has opened an investigation into the data breach at Equifax that compromised the sensitive personal information of 143 million U.S. consumers. The FTC announcement came less than a week after Equifax revealed that an unknown party had gained access to names, addresses, Social Security Numbers and other data belonging to nearly half the U.S. population.

When Apple unveiled its iPhone X on Tuesday, officials highlighted the device's advanced functionality, including what truly could be a game changing feature, its facial recognition technology. The new handset allows users to unlock it simply by looking at it. The 10th anniversary edition of Apple's flagship mobile device is the first Apple handset to utilize Face ID.

Apple has made its long-awaited iPhone splash, accompanied by announcements of major upgrades to Apple Watch and Apple TV. The company launched two new generations of mobile phones -- iPhone 8 and 8 Plus, and iPhone X -- with enhancements in photography and device security in all models. The iPhone 8 and iPhone 8 Plus are built for durability with a new glass back design.

The Apache Software Foundation has responded to accusations that the massive data breach Equifax disclosed last week resulted from a flaw in Apache's open source code. One of the largest financial data breaches in U.S. history, it exposed names, addresses, Social Security Numbers, birth dates, driver's license numbers and other sensitive information belonging to 143 million U.S. consumers.

Consumer credit reporting agency Equifax suffered a major criminal data breach that exposed personal information of as many as 143 million consumers in the U.S. between mid-May and July of this year. The attack exposed a range of sensitive personal data, including names, addresses, Social Security Numbers, dates of birth, and in some cases driver's license numbers, Equifax said.

The recent rumor that iRobot had engaged in talks with Apple, Amazon and Google parent Alphabet to sell the data its Roomba vacuum cleaner gathers caused widespread privacy concerns. Roomba maps homes -- the spatial dimensions of rooms and distances between furniture and other objects -- and the data it collects would be valuable to any of the major players battling to control the smart home.

There are no good outcomes of an electronic data system breach. At best, companies dealing with e-commerce technologies face the formidable task and the resulting cost of repairs. In addition having to fix information technology systems, companies suffering breaches may be increasingly vulnerable to legal action taken by customers whose personal data was affected.

Voice computing is replacing the graphical user interface, Shawn DuBravac, chief economist of the Consumer Technology Association, said early this year at CES. Digital assistants will be integrated into many household objects, he noted. About 5 million voice-activated digital voice products had been sold as of January, and Bravac estimated 5 million more would be sold this year.

Comcast's Terms of Service for its Xfinity Internet service gives it, its agents, suppliers and affiliates the right to "reproduce, publish, distribute and display" the content worldwide. It also lets third parties copy, republish or distribute material posted or transmitted using Xfinity Internet. This would include confidential information sent by a company employee or an independent contractor.

Millions of IoT devices are vulnerable to cybersecurity attacks due to a vulnerability initially discovered in remote security cameras. Senrio found the flaw in a security camera developed by Axis Communications, one of the world's biggest manufacturers of the devices. The Model 3004 security camera is used for security at the Los Angeles International Airport, according to Senrio.

You're probably tired of reading that the Internet of Things is the hottest thing going, and that IoT is a boon to technology and, simultaneously, a potential disaster for security and privacy. However, over the past few years, another IoT-related technology has been growing: vehicle to vehicle. V2V is a way for automobiles to communicate directly with other vehicles on the road.

Verizon, the largest wireless carrier in the U.S., has confirmed that data belonging to about six million of its wireless customers was exposed after the information mistakenly was allowed to remain unprotected on an Amazon cloud server. The disclosure follows reports that an engineer at Nice Systems allowed the data of 14 million Verizon customers to reside on an Amazon Web Services S3 bucket.

Recent ransomware threats have escalated into a global crisis, and cybersecurity experts and government authorities have redoubled their investigative efforts. Of grave concern is the possibility that the recent Petya attack had more sinister motives than typical ransomware operations, and that state actors were involved behind the scenes. The Petya attack actually used ransomware as a cover.

Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things. That is one of the findings in a report WatchGuard Technologies released last week. The report, which analyzes data gathered from more than 26,000 appliances worldwide, found three Linux malware programs in the top 10 for the first quarter of the year.

The Online Trust Alliance on Tuesday released its 2017 Online Trust Audit & Honor Roll. Among its findings: Consumer services sites have the best combined security and privacy practices. FDIC 100 banks and U.S. government sites are the least trustworthy, according to the audit. The number of websites that qualified for the honor roll is at a nine-year high.

A data contractor working on behalf of the Republican National Committee earlier this month allowed the personal data of 198 million voters to be exposed online, marking the largest ever leak of voter data in history. Deep Root Analytics exposed 1.1 terabytes of sensitive information -- including names, home addresses, dates of birth, phone numbers and voter registration information.

Apple quietly has been strategizing to expand its growing healthcare business to include the management of digital health records, with the iPhone operating as a central data hub. Apple reportedly has been in talks with numerous health industry groups that are involved in setting standards for the storage and sharing of electronic medical records, in a way that would give consumers more control.

Last week, I listened to an economist talk about Apple's complaints that Qualcomm had charged Apple too much for access to patents. What was fascinating was that Apple had folks focused on the 5 percent Qualcomm had charged it instead of on the massive profit that Apple made on each phone. The price of the iPhone 8 likely will be well over $1,000 -- but it could cost well under $500 to build.

As daunting as securing your Linux system might seem, one thing to remember is that every extra step makes a difference. It's almost always better to make a modest stride than let uncertainty keep you from starting. Fortunately, there are a few basic techniques that greatly benefit users at all levels, and knowing how to securely wipe your hard drive in Linux is one of them.

The WannaCry ransom attack that quickly circled the globe last week is not yet fully contained. So far, it has impacted more than 300,000 computers in 150 countries. However, one of the remarkable things about it is that only a trifling $100,000 in ransom, give or take, apparently has been paid. That represents a surprisingly low response from an attack generally considered the biggest ever.

Microsoft this weekend unleashed its wrath on the National Security Agency, alleging it was responsible for the ransomware attack that began last week and has spread to thousands of corporate, government and individual computer systems around the world. Microsoft Chief Legal Officer Brad Smith launched a blistering attack on the NSA and governments worldwide.

With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever. "If you throw IoT on a con talk, you've got a pretty good chance to get in," remarked information security professional Jason Kent, as he began his presentation at Chicago's Thotcon conference last week.

A phishing scam that surfaced earlier this week used Google Docs in an attack against at least 1 million Gmail users. However, that amounted to fewer than 0.1 percent of Gmail users were affected, according to the company. Google last year put the number of active monthly Gmail users at more than 1 billion. Google shut down the phishing scam within an hour, it said.

More than 8,600 retail locations will shut down this year, following the 5,077 that closed last year, based on data from Credit Suisse. Moreover, 2017 could surpass 2008 -- the worst year for retail closures on record -- when 6,163 stores shut down operations. However, unlike 2008, when overall consumer spending declined with the onset of a global recession.

As many as 2 million Android users might have downloaded apps that were infected with the FalseGuide malware, security research firm Check Point warned on Monday. The oldest of the infected apps could have been uploaded to Google Play as long ago as last November, having successfully remained hidden for five months, while the newest may have been uploaded as recently as the beginning of April.

A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat. Eset disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware. Linux/Shishiga uses four protocols -- SSH, Telnet, HTTP and BitTorrent -- and Lua scripts for modularity, wrote Detection Engineer Michal Malik and Eset researchers.

Microsoft has announced the general availability of its phone sign-in for customers with Microsoft accounts -- a system that could be the beginning of the end for passwords. The new system requires that customers add their accounts to the Microsoft Authenticator app, which comes in both iOS and Android versions, noted Alex Simons, director of program management of the Microsoft Identity Division.