Commentaries and Analyses – Page 157

3rd Circuit vacates dismissal of data breach suit

Posted on September 9, 2022 by Dissent

Biuckley LLP writes: On September 2, the U.S. Court of Appeals for the Third Circuit vacated the dismissal of a class action alleging that a defendant pharmaceutical research company’s negligence led to a data breach. According to the opinion, the plaintiff, who is a former employee of the defendant’s subsidiary, provided her sensitive personal and financial…

RESOURCE: Storing Passwords in your Browser Can Ruin Your Life (But Will Make Criminals VERY Happy!)

Posted on September 6, 2022October 28, 2024 by Dissent

[The following was originally posted at PogoWasRight.org] As the world reels from daily cyber attacks, it’s more important than ever to understand how our online behavior can negatively impact our family and work. From storing usernames and passwords in the browser to using the same device for work, personal financial matters, and playing online games,…

CSA Alert (AA22-249A) #StopRansomware: Vice Society

Posted on September 6, 2022 by Dissent

Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…

URLs Are NOT Passwords, and Sadly, That Needed to Be Said (Stolowitz vs. Nuance Communications)

Posted on September 6, 2022October 24, 2024 by Dissent

In 2014, Nuance Communications discovered that anyone could access protected health information on one of its platforms. After the situation persisted for years, a former employee decided to submit a whistleblower complaint to HHS. For his efforts, he spent more than one year fending off threatened federal hacking charges, even though no hacking was involved….

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Posted on September 6, 2022 by Dissent

Seen on Resecurity’s blog: a reminder that our current defenses fall rapidly as nimble criminals find a work-around and that some developments enable second-tier or less sophisticated attackers to punch above their weight: Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate…

SGF Urges Need To Curb Data Breaches In Nigeria

Posted on September 4, 2022 by Dissent

Jacob Segun Olatunji reports: The Secretary to the Government of the Federation, Boss Mustapha, has urged the need to curb the menace of data breaches in the country. He made the call when the National Commissioner of Nigeria Data Protection Bureau (NDPB), Dr Vincent Olatunji, led some staff of the Bureau on a visit to…