Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1 The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”). NIST is seeking stakeholder input…
Author: Dissent
Sekurak blog interviewed Babuk about Metropolitan DC Police attack
A blogger from Sekurak (a Polish blog) conducted a great interview with Babuk yesterday. You can read the write-up here. Here’s a snippet from it: sekurak : How did you get to the police infrastructure in Washington? Babuk : 0-day VPN. We can’t say anything else, it’s 0-day after all. sekurak : When did the Washington Police realize that…
Breached Online Ordering Platforms Expose Hundreds of Restaurants
How many of us increased our online orders from restaurants because of the pandemic? Unsurprisingly, criminals have been motivated by that to engage in even more Card Not Present (CNP) fraud. A new report by Gemini Advisory, released today, highlights the growing risks restaurants (and consumers) face. In the past 6 months, Gemini has reported…
Data Brokers and National Security
Michael Kans reports: In the worlds of data protection and privacy, too often there is a decoupling of national security issues and what might be termed non-national security issues despite the clear interplay between the two realms. Over the past decade, U.S. adversaries have vacuumed up the personal data of many Americans with one nation…
Dutch government pauses coronavirus app over data leak fears
AP reports: The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system. Health Minister Hugo de Jonge announced late Wednesday that the CoronaMelder app will stop sending warnings for 48 hours while the government checks if users’ data is…
Ransomware gang leaks court and prisoner files from Illinois Attorney General Office
Catalin Cimpanu has an update to a situation first reported on DataBreaches.net last week. The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned. Perhaps the most interesting…