Abdul Karim Abdulwahab reports: The illegal revenue accruing to crypto criminals from ransomware exploits declined in 2022 as more victims refused to pay, according to recent data published by market intelligence firm, Chainalysis. The report noted that Ransomware attackers could only extort $456 million from victims in 2022 after stealing nearly twice that value in…
Category: Commentaries and Analyses
Chinese, North Korean hackers continue exploiting zero-day vulnerabilities
Ionut Arghire reports that Chinese hackers exploited Fortinet FortiOS SSL-VPN vulnerability when it was still a zero-day. Mandiant tracks the bug as CVE-2022-42475 (CVSS score of 9.8), and described it as “a buffer overflow issue that could be exploited by remote, unauthenticated attackers to execute code or commands via crafted requests.” Read more at Security Week….
New Cybersecurity Directives (NIS2 and CER) Enter into Force in EU
Hunton Andrews Kurth writes: On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union (the “NIS2 Directive”) and the Directive on the resilience of critical entities (“CER Directive”) entered into force. The NIS2 Directive repeals the current NIS Directive and creates a more extensive and harmonized set of rules on cybersecurity…
Ph: Comelec, Smartmatic cleared of data privacy violations in 2022 polls
Hana Bordey reports: The National Privacy Commission (NPC) has cleared the Commission on Elections and the Smartmatic Group of Companies of alleged violation of the Data Privacy Act (DPA) over the supposed breach of election data during the 2022 national and local polls. This was announced by Comelec spokesperson Rex Laudiangco in a press statement…
NYS Comptroller releases another school district IT audit
Frankfort-Schuyler Central School District – Information Technology Assets and Network Access (2022M-151) Released December 30, 2022 Background The District serves the Towns of Frankfort and Schuyler in Herkimer County. The District is governed by the Board of Education (Board), which is composed of seven elected members. The Board is responsible for the general management and…
European data protection authorities issue record €2.92 billion in GDPR fines
Michael Hill reports: European data regulators issued a record €2.92 billion in fines last year, a 168% increase from 2021. That’s according to the latest GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year’s biggest fine…