Here’s the latest Naked Security podcast – enjoy!

…or that they can edit the (often inaccurate) pigeon-holes Facebook likes to put us in, a study found.

Android apps that want access to your call and SMS data now have to pass muster with Google’s team of reviewers.

Black Hat is the most technical and relevant global information security event series in the world. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry.

Cloud security experts weigh in with the practices and tools they prefer to monitor and measure security metrics in the cloud.

Blockchain may finally be ready to move from hype to reality, with continued IoT integrations and tokenization, according to KPMG.

Twitter has fixed the issue, which has been ongoing since 2014.

For medical entities, simply following HIPAA cloud service provider guidelines is no longer enough to ensure that your practice is protected from cyber threats, government investigations, and fines.

The PCI Software Security Framework will eventually replace PCI DA-DSS when it expires in 2022.

One common criticism of bug bounty programs is that very few hackers actually make money. Not only is this untrue, but it misses the point.

A default configuration allows full admin access to unauthenticated attackers.

Threatpost editors break down the top headlines from the week ended Jan. 18.

An Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation.

The Fallout EK has added the latest Flash vulnerability to its bad of tricks, among other tune-ups.

Two apps on Google Play were infecting devices with the Anubis mobile banking trojan.

But rate of funding appears unsustainable, according to Strategic Cyber Ventures.

The most common vulnerabilities seen last year run the gamut from cross-site scripting to issues with CMS platforms.