Elias Groll and AJ Vicens report: Microsoft’s Digital Crimes Unit, cybersecurity firm Fortra and the Health Information Sharing & Analysis Center announced legal action Thursday to seize domains related to criminal activity involving cracked copies of the security testing application Cobalt Strike, which has become a favorite tool for cybercriminals to carry out attacks around…
Category: Commentaries and Analyses
What Is CIRCIA and How Does This Cybersecurity Law Impact You?
Chris Odogwu writes: The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) is a federal law mandating “covered entities” that deal with critical infrastructure to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA). If you encounter a cyberattack, you might want to share your experience with your security team or anyone else who can…
Two-Fifths of IT Pros Told to Keep Breaches Quiet
Phil Muncaster reports: Over two-fifths (42%) of IT professionals have been told to keep a security breach under wraps, potentially inflaming regulatory compliance risk, according to a new study from Bitdefender. The security vendor polled 400 IT professionals, from IT junior managers to CISOs across various industry sectors, in organizations with over 1000 employees. Read more at InfoSecurity.
Covid Contact-Tracing Contractor Settles Data Breach Lawsuit
Christopher Brown reports: Insight Global LLC will pay up to $5,000 each to victims of an April 2021 data breach involving Covid-19 contact-tracing data to compensate them for extraordinary out-of-pocket losses, in a settlement given final approval by a federal judge. Lisa Chapman filed the proposed class action against Insight and the Pennsylvania Department of…
OCR Labs denies breach report details, patches vulnerability
Chris Burt reports: A vulnerability allegedly exposing sensitive credentials of Australian financial institutions has been closed by OCR Labs, after being discovered and disclosed by Cybernews researchers. The biometric liveness detection API used by OCR Labs is among the exposed data, according to the report. OCR Labs takes issue with details in the report, however, telling Biometric Update that the…
Proposed UN Cybercrime Treaty Negotiations Headed in Troubling Direction, Sidestepping Human Rights Protections and Threatening Free Expression, EFF and Allies Warn
A press release from EFF: San Francisco—On Thursday, April 13, at 10:00 am Pacific Time (1:00 pm Eastern Time, 7 pm CEST), experts with Electronic Frontier Foundation (EFF) and four international allies will brief reporters on the grave threat to human rights posed by ongoing UN Cybercrime Treaty negotiations that could lead to broad surveillance…