AT&T, T-Mobile and Sprint have sold access to subscribers' real-time location data to aggregators, which in turn have sold it to about 250 bounty hunters and related businesses, according to a report. In some cases, the data allowed users to track individuals to their specific locations inside a building. Some companies made thousands of location requests to data brokers.

Americans received 26.3 billion robocalls on their mobile phones in 2018, according to Hiya. That was 46 percent more than in 2017. Consumers received an average of 10 spam calls per month, Hiya found. The top unwanted call in the U.S. was for the Wangiri, or "one-ring" scam, which grew 250 percent year over year. Seven of the top area codes targeted by spammers were in Texas.

Chinese sellers have been using a number of underhanded techniques to boost their global rankings and profits on Amazon, according to a report. Grabbing the high ground on a search results page is critical for any seller trying to rise above the din created by the more than 500 million products offered on Amazon, which is why some sellers feverishly search for ways to get an edge in the rankings.

The personal data of some 100 million people who have used Quora, a popular question and answer website, has been compromised, the company disclosed. "We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party," wrote Quora CEO Adam D'Angelo in an online post. "We are working rapidly to investigate the situation."

With the holidays fast approaching, are you looking to buy presents online? The holiday season has become synonymous with online shopping. This isn't really surprising as physical stores usually attract crowds of deal hunters. This often conjures up images of throngs of people waiting in line outside the store, some even camping out. This activity is tolerable for some and even fun for others.

Several years ago, my wife and I invested in a project called "Sanctuary Belize" and, like many of the investors, we were incredibly excited about the prospect of retiring in paradise. After a time, things just weren't adding up. The company supposedly put controls in place to reverse course, but we exited the project. As it turned out, those controls either were not put in place or failed.

The Mozilla Foundation is expanding a campaign begun last year to help consumers buy safe, secure connected toys and mobile gadgets this holiday season. Mozilla's 2018 edition Privacy Not Included buyers' guide offers an assessment of the privacy and security qualities of 70 products, ranging from connected teddy bears and smart speakers to game consoles and smart home gadgets.

An increasing number of healthcare professionals have become alert to the need for well-rounded medical device security in recent years, and players throughout the industry have started putting more effort into raising the bar. Developers have become aware of the most glaring holes, and more information security researchers have been brought into the fold.

Google has announced new steps to combat the placement of fraudulent tech support ads on its platform. The company will roll out a verification program in the next few months to ensure that only legitimate third-party tech support providers can place Google ads. There are many legitimate providers that offer local or regional services, or affordable support for out-of-warranty products.

Microsoft has torpedoed websites designed to steal credentials from visitors to two Republican Party think tanks. The malicious websites were among six the company took down last week. A group of hackers affiliated with the Russian military created the sites, according to Microsoft. It apparently was the same group that stole a cache of email from the DNC during the 2016 presidential campaign.

The healthcare cloud has been growing incredibly, becoming an ever-more-important element of health information technology, or HIT. There are many reasons why the HIT cloud has been becoming more prominent, such as research and development and collaboration. Since the cloud has been expanding so rapidly, this may be a good time to reconsider security.

The Internet of Things may be in its infancy, but the U.S. government has been gearing up to determine what the proper federal role should be, both for encouraging and for regulating the use of IoT technology. Two recent developments have underscored the government's interest in IoT. On the regulatory front, the CPSC has launched an initiative to determine a framework for regulation.

The House Committee on Energy and Commerce has written Alphabet CEO Larry Page and Apple CEO Tim Cook demanding information on their companies' practices with regard to third-party access, audio and location data collection. "This is a huge issue," said Consumer Watchdog's John Simpson. "People are becoming aware of how much data about them is being sucked up by their smartphones."

Facebook and Google have manipulated users into sharing data using so-called "dark patterns," according to a report from the Norwegian Consumer Council. The practices nudged users toward accepting privacy options that favored the tech companies rather than themselves, the NCC found. Facebook and Google have no intention of providing users with an actual choice, the NCC has claimed.

The healthcare industry has been moving toward medical equipment connectivity to speed up data entry and recording, as well as improve data accuracy. At the same time, there has been a shift toward incorporating consumer mobile devices, including wearables. "The demand for connected devices has increased rapidly in recent years," noted Leon Lerman, CEO of Cynerio.

The expanding world of Internet commerce likely will generate a corresponding expansion of data breaches, resulting in more e-commerce businesses becoming the targets of consumer class action lawsuits. Breach litigation has become more prevalent as a result of a perceptible legal trend favoring consumers. Courts have tended to allow lawsuits based on a lower threshold for establishing injury.

Health services vendors have been partnering with various organizations to gain a foothold in the cloud and to test out their solutions. One of the cloud's major selling points is security -- but it is not as safe as it's made out to be. Google Cloud "recently announced a significant expansion in HIPAA compliance across our portfolio of cloud products," noted Google Cloud's Joe Corkery.

"It's only a few times in the history of the U.S. and in specific domains do you have the opportunity to make decisions and have a lasting effect on that domain," said Circadence VP Keenan Skelly. "In terms of information cybersecurity, we're right in the middle of it right now. We're just figuring out what global norms should be."

A flaw in certain electronic hotel door locks could allow hackers to access guest rooms and other secure locations at millions of properties around the world, F-Secure researchers have discovered. Software updates were issued to fix the flaw in the smart locks after F-Secure notified and worked with the manufacturer over the past year. The researchers had found a way to make a master key.

Mobile device makers and telecom service providers need to make significant privacy protection improvements for their customers, says the FTC. Its recent report could become the basis for agency enforcement actions -- not only for smartphones, but also for other mobile devices. "The report is a clear signal to the industry to focus on this issue," said Gerard Stegmaier, a partner at Reed Smith.

Google has said it will stop serving ads for cryptocurrencies and related content in June. The ban includes, but is not limited to, initial coin offerings, cryptocurrency exchanges, cryptocurrency wallets and cryptocurrency trading advice. Google also will bar aggregators and affiliates from serving ads for cryptocurrencies and related content. Facebook adopted a similar policy earlier this year.

Americans have been targeted on social media by Russian agents on a mission to harvest personal information. The agents pretended to work for organizations promoting African-American businesses as a ruse to obtain personal information from black business owners during the 2016 presidential election campaign. Using names like "BlackMattersUS," the agents set up hundreds of social media accounts.

Amazon has agreed to buy Ring for $1 billion, the companies have disclosed. Ring users already could use the Echo Show to see and hear visitors at the front door. The deal means Ring can further its "mission to reduce crime in neighborhoods by providing effective yet affordable home security tools to our neighbors that make a positive impact on our homes, our communities and the world," Ring said.

The Walt Disney Company's recent decision to purchase major assets of 21st Century Fox in a transaction valued at $52 billion underscores the huge potential for distributing information and entertainment via the Internet. The deal will allow the company to improve its direct-to-consumer offerings, Disney said when it disclosed the transaction early last month.

Given how many big names have fallen over the last few weeks due to sexual misconduct, abuse and harassment, you'd think I'd name 2017 as the year of power abuse. However, while I know a lot of folks think the issue is dying down, I don't see that at all. There are entire industries that have yet to be hit by this, and Congress hasn't even finished cleaning house or putting in place rules to prevent this activity.

ExpressVPN on Tuesday launched a suite of open source tools that let users test for vulnerabilities that can compromise privacy and security in virtual private networks. Released under an open source MIT License, they are the first-ever public tools to allow automated testing for leaks on VPNs, the company said. The tools are written primarily in Python, and available for download on Github.

A popular technique used by website operators to observe the keystrokes, mouse movements and scrolling behavior of visitors on Web pages is fraught with risk. The technique offered by a number of service providers uses scripts to capture the activity of a visitor on a Web page, store it on the provider's servers, and play it back on demand for a website's operators.

If you are like many, when you saw this headline you likely were surprised BlackBerry was still around. As BlackBerry phones left the market, the company fell out of sight. However, behind the scenes it has been moving into industries like automotive. Also, it remains the leading vendor providing mobile security to our politicians, military personnel and major corporations.

Billions of voice-activated IoT devices may be subject to external attack due to BlueBorne vulnerabilities, Armis revealed. Hackers could exploit BlueBorne to mount an airborne attack, using Bluetooth to spread malware and access critical data, including sensitive personal information. More than 20 million Amazon Echo and Google Home smart speakers could have been impacted by the flaws.

Amazon has begun shipping its latest smart home product, a security camera that works with its Alexa personal assistant and Echo speakers. The Amazon Cloud Cam allows customers to live-stream activity inside their home 24/7. It features 1080p full HD resolution, two-way audio for communicating with family members or pets, night vision technology, and sophisticated identification algorithms.