R. Dallon Adams reports: In recent months, a slew of cyberattacks hamstrung domestic meat and petroleum production and also set off a few alarms at a Florida water treatment facility. With companies willing to shell out big bucks to bring their companies back online and risk further fallout, it’s becoming increasingly clear that no sector…
Category: Commentaries and Analyses
Ruling Breaks New Ground For CGL Policy Data Breach Coverage Hackings
Peter Selvin of Ervin Cohen & Jessup writes: A recent case from the 5th U.S. Circuit Court of Appeals breaks new ground on the question of whether a commercial general liability policy provides coverage for damages arising from a data breach caused by a third-party hacker. Landry’s Incorporated v. Insurance Company of the State of Pennsylvania, 4…
New York State Comptroller DiNapoli Releases More School District Audits
Comptroller DiNapoli released more school district audits this week. As this site has done in the past, we are listing the ones that deal with information technology. The summaries are below; the links take you to the fuller reports, but as as always: (1) the results are not good (to put it as diplomatically as…
Microsoft Cloud Databases Vulnerable for Years, Firm Says
Kartikay Mehrotra of Bloomberg reports: A vulnerability in Microsoft Inc.’s cloud database system left data at thousands of clients exposed to potential cyberattacks for about two years, according to the Israeli cybersecurity firm that discovered the bug. More than 3,300 of the software giant’s customers were exposed to a flaw in its Azure Cosmos DB…
Advisories are published, but are enough entities reading them and taking precautions?
Three advisories have been released this week about threat actor groups. One involves ALTDOS, one involves HIVE, and one involves the “OnePercent Group,” whose name may not sound familiar to many. ALTDOS (Joint Advisory) It appears that ALTDOS is getting some serious attention from Singapore’s CSA and other agencies in Singapore. These threat actors who…
Alibaba Cloud data leak ‘violated Cybersecurity Law’ in 2019 and must rectify, local Chinese telecoms regulator says
Coco Feng reports: The telecoms authority of China’s eastern Zhejiang province has told the cloud computing unit of Alibaba Group Holding that it violated the country’s Cybersecurity Law and should make rectifications following a complaint about a 2019 information leak. In a letter dated July 5, the Zhejiang Communications Administration (ZCA) said it found Alibaba Cloud “disclosed…