Apple plans to equip iOS 12 with USB Restricted Mode, which requires users to unlock their iPhone with their passcode before USB accessories can connect if the phone last was unlocked more than an hour earlier. The company included this feature in the developer versions of iOS 11.4.1 and iOS 12. Apple will release USB Restricted Mode publicly in a future software update, it confirmed this week.

The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.

Apple on Monday gave the world a peek at macOS Mojave, the next version of its operating system for Macintosh laptop and desktop computers. The preview took place at the company's Worldwide Developers Conference held at the McEnery Convention Center in San Jose, California. Mojave has a mix of new features that add to its good looks and utility as a productivity tool.

In spite of all the high-profile breaches that seem to sweep the headlines with greater frequency, companies slowly but surely have been getting a handle on internal security practices. At this point, it's hard to imagine any employee, in or out of the tech sector, who hasn't been run through antiphishing training. However, security is only as strong as its weakest link.

The FBI has disrupted a network of half a million routers compromised by the group of Russian hackers believed to have penetrated the DNC and the Hillary Clinton campaign during the 2016 elections, according to reports. The hacker group, known as "Fancy Bear," has been using a malware program called "VPN Filter" to compromise home and small office routers.

Okta has announced the Okta API Products One App, which lets engineering teams and developers implement multifactor authentication for any single website or application. Developers can use API Products for One App free if they display "Identity by Okta" on the login page of their app. Among Okta API Products for One App's features are authentication and directory services for Web or mobile apps.

Health services vendors have been partnering with various organizations to gain a foothold in the cloud and to test out their solutions. One of the cloud's major selling points is security -- but it is not as safe as it's made out to be. Google Cloud "recently announced a significant expansion in HIPAA compliance across our portfolio of cloud products," noted Google Cloud's Joe Corkery.

The cloud offers a host of potential uses, according to the healthcare industry and academic medical center representatives who participated in a Healthcare Information and Management Systems Society survey. Application hosting was the top use, identified by 90 percent of the respondents. Disaster recovery and backup, and hosting application data were among other uses cited.

Cisco has reduced the poaching of endangered rhinos in Africa by a whopping 96 percent. This success comes at a time when kids appear to be increasingly at risk from rogue school shooters and the United States government seems deadlocked on gun control. The focus of Cisco's tech is on catching the poachers who kill around 1,000 endangered rhinos a year, rather than on taking away their guns.

A recent incident reminded me of the importance of backing up one's phone regularly. Soon after carrying my recycling out to the curbside, I realized I had misplaced my 6-month-old iPhone. Cue brief panic, followed by deep concern that I'd somehow tossed my device into that transparent bag I'd left outside for the world to see. That led me to yelling "Hey, Siri" until the familiar chime sounded.

A newfound flaw in email clients that use PGP and S/MIME to encrypt messages can be exploited to expose the plain text of the missives, according to a new paper. By injecting malicious snippets of text into encrypted messages, attackers can use the flaw to make the email client exfiltrate decrypted copies of the emails, explained the authors, a team of researchers from three European universities.

"It's only a few times in the history of the U.S. and in specific domains do you have the opportunity to make decisions and have a lasting effect on that domain," said Circadence VP Keenan Skelly. "In terms of information cybersecurity, we're right in the middle of it right now. We're just figuring out what global norms should be."

Smart home and consumer IoT solutions promise significant opportunities for the insurance industry in terms of reducing costs, alleviating risks, deepening customer engagement, and creating new services and revenue streams. There are many barriers ahead to overcome, but given the tremendous upside, insurance companies have begun attacking these challenges with a multi-tiered strategy.

I spent a day with BlackBerry last week and it brought back memories of how Apple displaced the company around a decade ago. I, like a lot of folks, thought what Apple was attempting was impossible. However, after the fact, it didn't even look difficult. BlackBerry largely has completed its pivot to software and services, but a wave of new phones from its partners suggests new possibilities.

A flaw in certain electronic hotel door locks could allow hackers to access guest rooms and other secure locations at millions of properties around the world, F-Secure researchers have discovered. Software updates were issued to fix the flaw in the smart locks after F-Secure notified and worked with the manufacturer over the past year. The researchers had found a way to make a master key.

Google has rolled out a number of new features designed to make its G Suite collaboration and productivity apps more efficient and safer to use. G Suite currently has more than 4 million paying business customers. The updates include a new design, enhanced security and AI components, and better integration of G Suite apps -- including Gmail, which is getting a brand new look.

Devices built on Nvidia's Tegra X-1 mobile processor are at risk of attack from a flaw security researchers have revealed. The exploit chain discovered by Katherine Temkin and others affects any device running the chip, including the Nintendo Switch gaming console. Called "Fusée Gelée," the vulnerability allows anyone to run code on the chip by overloading a critical buffer when a system boots.

Users of Google's Gmail have been receiving spam that appears to have been sent from their own accounts. Google said it was aware of a spam campaign impacting a "small subset of Gmail users" and was taking measures to protect against it. The attackers used forged email headers to make it appear that users were sending emails to themselves, which led to those emails appearing in their sent folders.

Microsoft has opted to use its own version of a Linux operating system instead of Windows 10 to drive its new Azure Sphere solution for securely connecting Internet of Things devices. Microsoft introduced Azure Sphere last week at the RSA security conference in San Francisco. Azure Sphere is a platform that connects microcontroller units, or MCUs, embedded in cloud-connected devices.

Microsoft, Oracle and Facebook, along with 31 other companies, have signed the Cybersecurity Tech Accord, an agreement aimed at defending against cyberattacks, whether coming from rogue hackers or nation-states. The 34 tech firms committed to stronger defenses, no offensive attacks, capacity building and collective action. Security remains a major issue in the tech world.

A Web standards milestone could point to the end of the road for pesky passwords. The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium. WebAuthn defines a standard API that can be incorporated into browsers and Web infrastructure. It opens the door for new ways for users to authenticate themselves on the Internet that are more secure and convenient than passwords.

We should start discussing what's beyond CRM. I chose the word "beyond" advisedly. CRM is far from dead or even in decline, so "after" would be incorrect. However, CRM already has changed so much that it may be time to rethink it. Also, many of the tangential technologies that have turbocharged CRM in the last few years, like social media, have drawn so much attention that some analysis is due.

An alarming number of major U.S. retailers, industrial firms, government agencies and other organizations have been hit in a recent wave of cyberbreaches that may signal increasing vulnerability for consumers and businesses alike. The attacks have exposed millions of consumer payment cards to fraud. Cyberthieves have used a variety of methods to infiltrate corporate computer systems.

Mobile device makers and telecom service providers need to make significant privacy protection improvements for their customers, says the FTC. Its recent report could become the basis for agency enforcement actions -- not only for smartphones, but also for other mobile devices. "The report is a clear signal to the industry to focus on this issue," said Gerard Stegmaier, a partner at Reed Smith.

The DoJ has charged nine Iranian nationals for engaging in a massive phishing campaign on behalf of the Iranian Revolutionary Guard. The allegations include the theft of $3.4 billion in research and intellectual property from 320 colleges and universities in the U.S. and abroad, as well as from 47 foreign and domestic companies, plus several federal agencies, state governments, and the UN.

Facebook on Sunday confirmed that its Messenger and Lite apps for Android smartphones routinely collect call and text histories. The call and text history logging are opt-in features for people using Messenger or Facebook Lite on Android devices, the company said in a post. The feature is designed to help users stay connected, and it improves the Facebook experience, according to the company.

A virtual currency hardware wallet with millions of users has been compromised. Saleem Rashid explained how he cracked the firmware on the wallet produced by Ledger using what's known as a "supply chain" attack. That means a targeted device is compromised before any users get their hands on it. The attack on Ledger's $100 Nano S wallet creates a backdoor on the device.

The Nest Hello video doorbell and the Nest x Yale Lock are now available, along with a new Nest Temperature Sensor -- the latest addition to the company's smart home lineup. Owners of the Hello video doorbell can use the Nest app for iOS or Android to see and converse with people without opening their door. The x Yale Lock -- a tamper-proof, key-free deadbolt -- also connects with the Nest app.

Americans have been targeted on social media by Russian agents on a mission to harvest personal information. The agents pretended to work for organizations promoting African-American businesses as a ruse to obtain personal information from black business owners during the 2016 presidential election campaign. Using names like "BlackMattersUS," the agents set up hundreds of social media accounts.

Amazon has agreed to buy Ring for $1 billion, the companies have disclosed. Ring users already could use the Echo Show to see and hear visitors at the front door. The deal means Ring can further its "mission to reduce crime in neighborhoods by providing effective yet affordable home security tools to our neighbors that make a positive impact on our homes, our communities and the world," Ring said.