January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified personnel to manage key cybersecurity functions and failed to provide adequate training…
Orlando, Florida – United States Attorney Roger B. Handberg announces that Michael Scheuer (39, Orlando) today pleaded guilty to one count of knowingly transmitting a program, code, or command to a protected computer and intentionally causing damage without authorization and one count of aggravated identity theft. Scheuer faces a maximum penalty of 10 years in federal prison…
Amber DaSilva reports: If you own a modern Subaru, chances are you’ve heard of Starlink — the company’s connected services suite, which lets you control your car through an app or call roadside assistance to your location. That system, though, has other functionality that you might not know: Storing your car’s location history for the last year, and making that…
An interesting report by Nisos looks at those selling or advertising insider access and those recruiting insiders at firms. From the report: Executive Summary Nisos routinely monitors mainstream and alternative social media platforms, as well as cloud-based messaging applications and dark web forums to identify individuals and networks advertising insider access or recruiting insiders at…
Bill Toulas reports: A security researcher discovered a flaw in Cloudflare’s content delivery network (CDN), which could expose a person’s general location by simply sending them an image on platforms like Signal and Discord. While the geo-locating capability of the attack is not precise enough for street-level tracking, it can provide enough data to infer what…
Ambrose Li reports: The local arm of international charity Oxfam violated the data protection law following a leak in July that potentially affected 550,000 people, Hong Kong’s privacy watchdog ruled in an investigation report on Thursday. […] “The privacy commissioner considered that Oxfam had not taken all practicable steps to ensure that the personal data…