“Don’t send verification codes to anyone via text or email,” wrote Kristin Cohen, chief of the FTC's Office of Technology Research and Investigation, in a blog post Wednesday. Verification codes should be used only on the login page, Cohen said. Individuals who get a verification code they didn’t request should tell the provider, she said, because it could be a sign someone is tampering with the account. It’s possible a hacker with an individual’s email address and mobile number can pretend to be an individual’s email provider and send a text asking for a verification code to unlock the email account, Cohen said. The hacker can learn a lot of information looking through an email account or change email settings so emails are forwarded directly to the hacker, she said.
Email phishing campaigns appearing to be from the Office of Personnel Management and the identity protection firm CSID increased after last month's announcement that OPM suffered breaches, said the U.S. Computer Emergency Readiness Team (U.S.-CERT) in an alert Tuesday. “For those affected by the recent data breach, the legitimate domain used for accessing identity protection services is https://opm.csid.com.” Users should visit the OPM website for more information and report suspicious emails to U.S.-CERT, it said.
After reports that the intelligence community was resistant to integrating its systems with those operated by the Office of Personnel Management (OPM) due to security concerns before recent breaches at OPM occurred, Brookings Institution Senior Fellow in Government Studies Benjamin Wittes questioned in a blog post Tuesday why “nobody in the intelligence community bothered, it seems, to help secure OPM’s systems.” If the Director of National Intelligence’s office thought the data OPM managed wasn't secure, why not secure those systems, Wittes asked. Though he said OPM isn’t without fault, “identifying intelligence targets in the federal government and securing them against professional intelligence adversaries is really the job of others in the federal government, and at least some of those others had their eyes on this problem,” he said. “The more I think about it, the less I think it makes sense to blame OPM for the failure here, and the more I think the intelligence community itself must take responsibility for it -- particularly for any portions of the breach or breaches that involve data for security clearance background checks,” Wittes said. The Office of the DNI didn't comment.
SoundHound announced Apple Music integration with its music app Tuesday. An “Apple Music -- Listen Now” option, available on the home page and within song pages, links to Apple Music, where users can stream music of artists discovered through SoundHound features including music identification, personalized history, top charts and music maps, said SoundHound. Users will also be able to stream Beats 1 Radio from within song pages, said the company.
Cisco plans to buy OpenDNS, a San Francisco-based Internet security company, for $635 million in cash, assumed equity and retention-based incentives, to "add broad visibility and threat intelligence," Cisco said in a news release Tuesday. The purchase was spurred by Cisco's desire to "reduce the time to detect and respond to threats, and mitigate risk of a security breach" by combining its security capabilities with OpenDNS' "broad visibility, unique predictive threat intelligence and cloud platform," Cisco said. The buyer said it expects to complete the deal in Q1.
The FTC is expanding its efforts to help businesses protect consumers’ information through an initiative to give firms more information on data security, the agency said in a news release Tuesday. The Start with Security initiative includes new guidance for businesses based on the more than 50 data security cases the FTC has brought throughout the years, it said. The guidance laid out 10 key steps to effective data security and is “designed to provide an easy way for companies to understand the lessons learned from those previous cases,” said the commission. A series of conferences will be held across the country for small- and medium-sized businesses, starting with one at the University of California Hastings College of the Law in San Francisco Sept. 9. A second event will be at the University of Texas Strauss Center for International Security and Law in Austin Nov. 5, it said. The FTC also created a website dedicated to data security information for businesses.
Brazil and the U.S. said they will resume their joint Working Group on Internet and Information and Communication Technologies, with the group set to hold its second-ever meeting this fall in Brasilia. The group held its first meeting in July 2012 and disbanded after the start of former NSA contractor Edward Snowden’s leaks about controversial NSA surveillance programs, an industry lawyer told us. Brazil later enacted a law strengthening Internet privacy policies due to the “anger and repudiation” of the NSA surveillance programs (see report in the April 24, 2014, issue). The restart of the U.S.-Brazil working group “will offer the opportunity of exchanging experiences and exploring possibilities for cooperation in a number of key areas, including e-government, the digital economy, cybersecurity, cybercrime prevention, capacity building activities, international security in cyberspace, and research, development, and innovation,” said President Barack Obama and Brazilian President Dilma Rousseff in a joint statement Tuesday. Rousseff has been in Washington this week to meet on U.S.-Brazil relations. The countries reaffirmed their commitment to “cooperate for the success” of the next Internet Governance Forum Nov. 10-13 in João Pessoa, Brazil, and said they will participate actively in the U.N. General Assembly’s high-level meeting on the 10-year review of the World Summit on the Information Society outcomes in December.
CEA and LonMark International set two standards for home and building automation. The standards give multiple parties -- users, developers, vendors, integrators and specifiers of open building control systems -- a way to develop and deliver a higher level of device-to-device interoperability using any open control networking communication platform, said CEA in a Monday news release. The intent of the standards is “to offer to the market a very proven, well adopted approach to solving the Internet of Things (IoT) interoperability issue,” said Ron Bernstein, LonMark chief ambassador. The library of device profiles includes definitions for HVAC, lighting, security, access, metering, energy management, fire and smoke control, gateways, room automation, renewable energy, utility, transportation and home and appliances.
A New York City-based private investigator was sentenced to three months in prison Friday by a federal court after pleading guilty in March to conspiracy to commit computer hacking, said a news release from the U.S. Attorney’s Office for the Southern District of New York. It said that since 2009, Eric Saldarriaga, 41, advertised “Hacking Services” on the Internet, and hired individuals to hack into email accounts for about 50 different individuals he investigated on behalf of his clients, as well as individuals he was interested in personally. Saldarriaga was ordered to forfeit $5,000, pay a $1,000 fine and also was sentenced to three years of supervised release.
In branded tablets, there’s “no denying the market is losing its momentum and leading vendors are feeling the squeeze,” ABI Research said in a Monday report that said tablet shipments in Q1 registered their largest declines since the category’s 2009 inception. It estimates shipments dipped 35 percent sequentially from Q4 and 16 percent from Q1 a year earlier. The slowdown “does not necessarily mean the end of the tablet market,” ABI said. “Tablets are still popular among consumer households and even have a practical purpose for many businesses and the education sector,” the firm said, describing tablets as a market in search of a “niche.”