David Bol reports: Scotland’s auditor general has revealed that a huge cyber attack on the Scottish Environmental Protection Agency (Sepa) was carried out after “human error” allowed criminals to access systems. Sepa suffered a huge ransomware attack on Christmas Eve in 2020 which led to around 1.2GB of data, amounting to at least 4,000 files,…
Author: Dissent
SEC’s breach notification proposal one step closer to a final vote
Tonya Riley reports: The Securities and Exchange Commission voted Wednesday 3-1 to approve a recommendation for tighter mandatory cybersecurity requirements for financial institutions. The proposed rule will now open to public comment before a final vote. “The proposed rules and amendments are designed to enhance cybersecurity preparedness and could improve investor confidence in the resiliency of advisers…
Ransomware dev releases Egregor, Maze master decryption keys
Lawrence Abrams reports: The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. […] Fast forward 14 months later, and the decryption keys for these operations have now been leaked in the BleepingComputer forums by a user named ‘Topleak’ who claims to be…
NIST Publishes Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products
Micaela McMurrough, Ashden Fein, and Matthew Harden of Covington and Burling write: On February 4, 2022, the National Institute of Standards and Technology (“NIST”) published its Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products (“IoT Criteria”). The IoT Criteria make recommendations for cybersecurity labeling for consumer IoT products, in other words, for IoT…
Georgia voter info posted online after breach of software company
Mark Niesse reports: A data breach of the voting software company EasyVote Solutions exposed Georgia voters’ registration information on the internet, the company confirmed Tuesday. Public information about voters was posted to an online forum, but the breach didn’t involve Social Security numbers or driver’s license numbers, said Charles Davis, chief financial officer for EasyVote. Voter…
East Bay Community College Data Breached In Ransomware Attack
Shawn Taylor reports: Ohlone College was hacked in late January and the private information of some current and former students, staff and faculty was compromised, including Social Security and bank account numbers, according to school officials. The community college said in a Feb. 4 notice on its website and letters sent to students it had…