A new feature in iOS 11.4.1, which Apple released earlier this week, is designed to protect against unwanted intrusions through the iPhone's Lightning Port. However, the protection may be weak at best. The feature, called "USB Restricted Mode," disables data transfer through the Lightning Port after an hour of inactivity. In some cases, the phone might not charge, according to Apple.

The House Committee on Energy and Commerce has written Alphabet CEO Larry Page and Apple CEO Tim Cook demanding information on their companies' practices with regard to third-party access, audio and location data collection. "This is a huge issue," said Consumer Watchdog's John Simpson. "People are becoming aware of how much data about them is being sucked up by their smartphones."

A popular fitness app provided a convenient map for anyone interested in shadowing government personnel who exercised in secret locations, including intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world. The fitness app, Polar Flow, publicized more data about its users in a more accessible way than comparable apps, investigators found.

There are times when looking at something narrowly can be more effective than taking a wider and more comprehensive view. If you don't believe me, consider the experience of looking at organisms in a microscope or watching a bird through binoculars. Distractions are minimized, allowing optimal evaluation and analysis of what's under investigation.

Retailers' biggest worry is increasing e-commerce fraud -- including data breaches, targeted attacks and card-not-present fraud -- according to a report from the Federal Reserve Bank of Minneapolis. Online fraud is one of the biggest challenges facing retailers, with CNP fraud being one of their top worries. CNP fraud will hit $71 billion over the next five years, Juniper Research has forecast.

Facebook and Google have manipulated users into sharing data using so-called "dark patterns," according to a report from the Norwegian Consumer Council. The practices nudged users toward accepting privacy options that favored the tech companies rather than themselves, the NCC found. Facebook and Google have no intention of providing users with an actual choice, the NCC has claimed.

Network devices with better security will be hitting the market this year, thanks to Wi-Fi Certified WPA3, which the Wi-Fi Alliance launched Tuesday. The announcement paves the way for the proliferation of devices that support the new, more secure protocol for WiFi communication, which is designed to replace the 14-year-old WPA2. The new protocol adds features to simplify WiFi security.

The healthcare industry has been moving toward medical equipment connectivity to speed up data entry and recording, as well as improve data accuracy. At the same time, there has been a shift toward incorporating consumer mobile devices, including wearables. "The demand for connected devices has increased rapidly in recent years," noted Leon Lerman, CEO of Cynerio.

Worldwide IoT spending will total nearly $773 billion this year, IDC has predicted. The IoT will sustain a compound annual growth rate of 14.4 percent, and spending will hit $1.1 trillion by 2021, according to the firm's forecast. Consumer IoT spending will total $62 billion this year, making it the fourth largest industry segment, after manufacturing, transportation and utilities.

Academics have been hard at work studying information security. Most fields aren't as replete with hackers as information security, though, and their contributions are felt much more strongly in the private sector than in academia. The differing motives and professional cultures of the two groups act as barriers to direct collaboration, noted CypherCon presenter Anita Nikolich.

Apple plans to equip iOS 12 with USB Restricted Mode, which requires users to unlock their iPhone with their passcode before USB accessories can connect if the phone last was unlocked more than an hour earlier. The company included this feature in the developer versions of iOS 11.4.1 and iOS 12. Apple will release USB Restricted Mode publicly in a future software update, it confirmed this week.

The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.

Just when the European Union's General Data Protection Regulation, or GDPR, was about to go into effect, the United States Congress created the CLOUD Act. Without any public hearings, review or public comment, Congress passed the legislation as part of the $1.3 trillion government spending bill. The CLOUD Act changed the privacy provisions that previously were in effect.

Apple on Monday gave the world a peek at macOS Mojave, the next version of its operating system for Macintosh laptop and desktop computers. The preview took place at the company's Worldwide Developers Conference held at the McEnery Convention Center in San Jose, California. Mojave has a mix of new features that add to its good looks and utility as a productivity tool.

Oracle has been on a security campaign ever since Larry Ellison openly began discussing the new "autonomous database" -- so called because it can manage itself, including self-patching and upgrading, without human effort. The hands-off database can eliminate human labor to keep it tuned and running, according to Oracle, greatly reducing the time between availability and implementation.

A significant percentage of IT systems are cloud-based, according to a recent survey. The cloud is a key enabler for emerging technology, suggests the CompTIA poll, which was conducted last month. Cloud computing was one of four trends respondents expected to feature heavily in IT conversations over the next 12 to 18 months, the survey found. Others were AI, the IoT and cybersecurity.

In spite of all the high-profile breaches that seem to sweep the headlines with greater frequency, companies slowly but surely have been getting a handle on internal security practices. At this point, it's hard to imagine any employee, in or out of the tech sector, who hasn't been run through antiphishing training. However, security is only as strong as its weakest link.

If you're a cybersecurity practitioner, chances are good that you've heard the term "zero trust" over the past few months. If you attend trade shows, keep current with the trade media headlines, or network with peers and other security pros, you've probably at least heard the term. Depending on whom you're talking to, you'll get a different answer about what it is and why it might be useful.

Salesforce CEO Marc Benioff described Facebook as the "new cigarettes" in a recent appearance on the TV show CBS This Morning and called for the U.S. to adopt a national privacy law like the GDPR, which just went into effect in Europe. "Maybe this is a time where the government has to step in and regulate not just that product but really our industry," Benioff said, referring to Facebook.

The DoJ and the CFTC have opened a joint criminal investigation into price manipulation of bitcoin and other cryptocurrencies, according to a report. The illicit tactics reportedly being investigated include spoofing and wash trading. Bitcoin's share prices have been fluctuating wildly over the past year, ranging from $1,800 to almost $20,000, leading to rumors of price manipulation.

The FBI has disrupted a network of half a million routers compromised by the group of Russian hackers believed to have penetrated the DNC and the Hillary Clinton campaign during the 2016 elections, according to reports. The hacker group, known as "Fancy Bear," has been using a malware program called "VPN Filter" to compromise home and small office routers.

Okta has announced the Okta API Products One App, which lets engineering teams and developers implement multifactor authentication for any single website or application. Developers can use API Products for One App free if they display "Identity by Okta" on the login page of their app. Among Okta API Products for One App's features are authentication and directory services for Web or mobile apps.

WhiteSource has launched its next-generation software composition analysis technology, dubbed "Effective Usage Analysis," with the promise that it can reduce open source vulnerability alerts by 70 percent. The newly developed technology provides details beyond which components are present in the application. It provides actionable insights into how components are being used.

Health services vendors have been partnering with various organizations to gain a foothold in the cloud and to test out their solutions. One of the cloud's major selling points is security -- but it is not as safe as it's made out to be. Google Cloud "recently announced a significant expansion in HIPAA compliance across our portfolio of cloud products," noted Google Cloud's Joe Corkery.

The cloud offers a host of potential uses, according to the healthcare industry and academic medical center representatives who participated in a Healthcare Information and Management Systems Society survey. Application hosting was the top use, identified by 90 percent of the respondents. Disaster recovery and backup, and hosting application data were among other uses cited.

Cisco has reduced the poaching of endangered rhinos in Africa by a whopping 96 percent. This success comes at a time when kids appear to be increasingly at risk from rogue school shooters and the United States government seems deadlocked on gun control. The focus of Cisco's tech is on catching the poachers who kill around 1,000 endangered rhinos a year, rather than on taking away their guns.

U.S.-based providers of e-commerce resources, including cloud services, must release foreign-held customer information to law enforcement agencies under a new law. Providers have strongly objected to releasing customer information residing outside the U.S. for fear of violating the privacy laws of other countries. The providers noted a potential "staggering" loss of international customers.

A recent incident reminded me of the importance of backing up one's phone regularly. Soon after carrying my recycling out to the curbside, I realized I had misplaced my 6-month-old iPhone. Cue brief panic, followed by deep concern that I'd somehow tossed my device into that transparent bag I'd left outside for the world to see. That led me to yelling "Hey, Siri" until the familiar chime sounded.

Several countries -- including the United States, France and Germany -- have pointed a finger at Russia for meddling in their elections. Russia used social media as a big part of that effort. Facebook has been scrambling to win back the public's trust since the Russia and Cambridge Analytica scandal. However, it's not clear what exactly hostile nation states have been up to on social media.

A newfound flaw in email clients that use PGP and S/MIME to encrypt messages can be exploited to expose the plain text of the missives, according to a new paper. By injecting malicious snippets of text into encrypted messages, attackers can use the flaw to make the email client exfiltrate decrypted copies of the emails, explained the authors, a team of researchers from three European universities.