A recent study from Consumer Reports' Digital Lab reveals that 96 percent of Americans agree that more should be done to protect consumer privacy. But don't expect to see a whole new alternative Internet emerging any year soon. Instead, you will see a focus on software offerings built around privacy and security rather than hardware.

A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.

Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.

Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.

Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.

A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.

Major information technology providers opposed to the broadening of class action litigation related to consumer protections have taken their case to the U.S. Supreme Court. The companies are hoping the court will strike down a lower court ruling which makes it easier for consumers to file class action suits. The tech companies may not have to wait too long for a decision.

Lost customers and revenues are caused by password sharing and friction created at websites by onerous authentication procedures, according to a new report. The report explained that if accounts are being shared by multiple users, service providers are less likely to accurately monitor usage and are unable to correctly personalize their offerings.

Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.

Half of consumers who originally planned to return to their pre-pandemic in-store shopping routines once coronavirus is under control now plan to stick with online shopping. That shift in preferences means that e-commerce merchants must keep up with trending ways to market, sell, and prevent fraud. Let's look at a few of the most important developments and see where they're going.

The most vulnerable cybercrime victims are young adults and adults over 75, according to the latest research revealed in the LexisNexis Risk Solutions biannual Cybercrime Report. The report reveals how unprecedented global change in 2020 created new opportunities for cybercriminals around the world, particularly as they targeted new users of online channels.

Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.

Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.

Apple's plan to release its App Tracking Transparency (ATT) privacy enhancement feature in early spring has set the ad industry on its ear. ATT requires apps to get a consumer's authorization before tracking them or the devices they are using. Ray Wang, principal analyst and founder at Constellation Research, told the E-Commerce Times that "at least 40 percent of consumers will say no."

Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.

In a recent Linux Foundation blog post titled "Preventing Supply Chain Attacks like SolarWinds," the foundation's Director of Open Source Supply Chain Security, David A. Wheeler, adamantly pushed the need for software developers to embrace the LF's security recommendations. Given the magnitude of the SolarWinds hack, LinuxInsider asked Wheeler to dive deeper into how supply chain security standards might benefit from the LF's latest advice.

Nearly 30,000 Macs have been infected with a new malware strain. Discovered by researchers at Red Canary, the malware has been sitting on it hosts waiting for a payload that never arrived. In a statement provided to TechNewsWorld, Apple said that upon discovering the malware, it revoked the certificates of the developer accounts used to sign the packages, preventing new machines from being infected.

Online shoppers beware: a fast-selling marketplace of fake reviews is trying to lure you into buying products on major digital store sites and social media outlets. This latest review scam involves an under-wrap false review network operating among Amazon sellers. Trading in phony reviews may or not be legal, but such practices are clearly unethical and will have repercussions if discovered, warns Amazon.

As they become more prominent, consumers will enjoy shopping experiences that no longer rely on payments from a piece of plastic with a four-digit pin. Instead, consumers will use unique motion sensors in smartphone devices to passively authenticate people using their walking behavior and other contextual biometric signals. Some of these contactless procedures are already being deployed.

Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.

A cyber intruder broke into the computer network of the water treatment system of Oldsmar, Fla. and attempted to poison it with lye. News of the attack was made public Monday by officials of Oldsmar, who revealed the attack was foiled by an operator at the facility within minutes of its launch. The Oldsmar plant provides water to businesses and about 15,000 residents.

Is your list of new business customers falling short due to issues with their rejected credit approvals? New User Missed Opportunity or "NUMO" is a growing problem for e-commerce vendors. It is caused by false payment declines based on a lack of access to current consumer data by the rating agencies. But you can fix this problem.

Cyberattacks are increasing in frequency, ramping up the data privacy threats they pose to government agencies and businesses alike. Governments both domestic and foreign need to step up efforts to pass legislation that bolsters technological defenses this year, warn privacy groups. Stiffer privacy laws are gradually being reviewed and signed into the U.S. market. But that process is mostly taking place at the state level.

Canonical on Feb. 2 made available Ubuntu Core 20. This new Ubuntu Core version boasts notable new device security innovations. Given the increasing numbers and sophistication of attacks by individual and state-sponsored cybercriminals, Canonical's efforts should be welcomed by both IoT device makers and their customers, according to Charles King, principal analyst at Pund-IT.

Like many companies in these pandemic-ridden days, the Smash My Trash group uses videoconferencing in its business dealings. One potential franchisee used the information gleaned from Smash's videoconferences to set up a direct competitor. Smash filed suit for injunctive relief, alleging its trade secrets were breached and confidential information was used. The court denied the injunction.

Google sent a shock wave through the advertising and publishing industries last year when it announced it planned to scrap third-party tracking cookies, which are an important tool for online marketers. Not to worry, the company announced Monday. It has a viable alternative in the wings. "FLoC" will be available for public testing with the March release of Chrome.

Huawei has events where it pulls together key analysts to focus on problems it thinks are critical to the future. At its last event, Huawei spoke about two areas that need considerable work. Let's talk this week about the need for centralized cyberlaw enforcement, and the need for a clear vision on the future of work. We'll close with the product of the week, a new 40" curved monitor from Dell.

In the early part of 2020, the pandemic forced companies around the world to rethink their practices and determine how to accelerate the adoption of technologies that would enable remote work. After closing out on a tumultuous year, many business leaders admit where they may have gone wrong. Here are some ways they would approach a shift to remote work, if faced with the crisis all over again.

While it was already underway prior to the pandemic, the worldwide shift to digital payments has been accelerated by the crisis. This new cashless concept and the related back-end changes by banks to adopt real-time payments are becoming increasingly popular; and have set into motion the potential for a ripple effect throughout the e-commerce ecosystem.

DuckDuckGo reached a significant milestone last week when it racked up more than 100 million searches in a single day. While still a paltry number compared to the more than five billion daily searches performed by Google, the milestone is a major one for the search engine that doesn't store any of its users' personal information, archive their search histories, or track their search activity.