Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInWhat Does California’s New Data Privacy Law Mean? Nobody Agrees – The New York Times
Millions of people in California are now seeing notices on many of the apps and websites they use. “Do Not Sell My Personal Information,” the notices may say, or just “Do Not Sell My Info.” But what those messages mean depends on which company you ask. Stopping the sale of personal data is just one […]
Seven Alarming Thank You Notes to Bitcoin | LinkedIn
Presenting for your perusal a collection of alarming 2019 year-end thank you notes to bitcoin — a sort of holiday compendium of bitcoin love-letters, each followed by a brief discussion, with some final thoughts added at the end. In the comment section below, please feel free to write your own (or perhaps someone else’s) thank you […]
Guest Post: Silent Cyber – Is it Deafening? | The D&O Diary
As many insurance industry observers know, one of the great concerns within the industry now is the possible impact of “silent cyber” – that is, the potential for cybersecurity-related coverage outside of purpose-built cyber insurance policies. In the following guest post, Umesh Pratapa takes a look at the silent cyber phenomenon…. via Guest Post: Silent […]
Wawa facing lawsuits over data breach at all of its stores
The Wawa convenience store chain is facing a wave of lawsuits over a data breach that affected its 850 locations along the East Coast. Wawa Inc. discovered malware on its payment processing servers this month before stopping the breach Dec. 12, the company has said. Officials with the company, based in Wawa, Pennsylvania, believe the […]
What You May Have Overlooked in the Run Up to CCPA Compliance | Legaltech News
With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some companies may be scrambling to get their data collection and management processes in order. Others, however, might be taking a wait-and-see approach before fulling investing into large-scale changes. Whatever an organization’s plan, there are certain things all covered entities should […]
Over 267 Million Facebook Users Have Account Info Exposed On Dark Web In Massive Data Breach – CBS New York
Over 267 million Facebook users have had their personal information exposed by another massive data breach. Security researcher Bob Diachenko reportedly made the disturbing find on Dec. 14. Diachenko and U.K. technology research firm Comparitech believe the unprotected database was left open on the dark web for nearly two weeks. via Over 267 Million Facebook […]
Opinion | Cybersecurity Experts Are Leaving the Federal Government. That’s a Problem. – The New York Times
Turnover in the federal government is normal, and cybersecurity professionals, in particular, have plenty of outside career options should they choose to leave. But taken together, the departures by high-level cybersecurity officials in the last half of 2019 amount to more than just the expected churn of government officials — they signify the systematic decimation […]
US Navy Bans TikTok, Citing “Cybersecurity Threat”
Lawmakers are urging the United States Armed Forces to drop TikTok as an approved app. Service members in the US can no longer use TikTok on government-issued smartphones, according to Reuters, due to the popular video-sharing app’s emergence as a “cybersecurity threat.” Both the Navy and the Army are disabling smartphones with TikTok currently installed. […]
Like Voldemort, Ransomware Is Too Scary to Be Named — ProPublica
Each year, millions of ransomware attacks paralyze computer systems of businesses, medical offices, government agencies and individuals. But they pose a particular dilemma for publicly traded companies, which are regulated by the SEC. Because attacks cost money, affect operations and expose cybersecurity vulnerabilities, they sometimes meet the definition used by the SEC of a “material” […]
Wawa data breach 2019: Company warns of ‘data security incident’
Wawa customers who paid with credit or debit cards in the last nine months may have had their card information compromised, the convenience store chain announced Thursday. In a letter, Wawa CEO Chris Gheysens said the chain’s information security team “discovered malware on Wawa payment processing servers” on Dec. 10, “contained” the malware by Dec. 12 and “immediately […]
Are we running out of time to fix aviation cybersecurity? | CSO Online
Shipping giant Maersk suffered close to half a billion dollars in losses in 2017 when it was infected by the NotPetya sabotageware. Maersk was not even a target of that attack. Could the same thing happen in aviation? The realization is beginning to dawn on the aviation sector that, yes, it could. In the Maersk […]
Hackers steal data for 15 million patients, then sell it back to lab that lost it | Ars Technica
Canada’s biggest provider of specialty laboratory testing services said it paid hackers an undisclosed amount for the return of personal data they stole belonging to as many as 15 million customers. Toronto, Ontario-based LifeLabs Notified Canadian authorities of the attack on November 1. The company said a cyberattack struck computer systems that stored data for […]
Ransomware in New Orleans Attack Is Likely Organized Crime
While New Orleans officials remain tight-lipped about a cyber-attack that has hobbled city government since Friday, cyber-sleuths have homed in on the likely weapon: Ryuk, a menacing breed of “ransomware” used to lock up computer data until the target pays in Bitcoin for the key to release it. It was Ryuk that also hit state […]
INSIGHT: Four Steps Law Firms Should Take to Reduce Cybersecurity Risks
Law firms are in an especially interesting place vis-à-vis cybersecurity—many are expanding cybersecurity practices to help clients, but at the same time they themselves are attractive targets for cyber criminals. Many law firms are building and expanding practice areas around cybersecurity as clients look for legal counsel on breach preparedness and response, regulatory requirements, and […]
Inside ‘Evil Corp,’ a $100M Cybercrime Menace — Krebs on Security
The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored […]