There have been a rash of reports on unemployment fraud due to states simplifying the process to apply online during the pandemic. Could this be part of that bigger picture? WAVE3 reported that the Kentucky Career Center posted the following statement on its website: While there has not been any security breach and no information…
Category: Commentaries and Analyses
French Regulator Lambasts Health Firms Over Mass Data Leak
Helene Fouquet reports: France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches. The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have…
Ransomware attacks fuelled increase in data theft in 2020, says IBM Security
GRC World Forum reports: Ransomware attacks increased 20% in 2020 compared to the previous year, with “double-extortion” tactics used in 59% of cases, according to a report by IBM Security The 2021 X-Force Threat Intelligence Index also showed how criminals pivoted their attacks to businesses and organisations on which global Covid-19 response efforts relied, including hospitals, medical…
FDA Names First Acting Director of Medical Device Cybersecurity
Michael R. Bertoncini of JacksonLewis writes: The U.S. Food and Drug Administration (FDA) named University of Michigan Associate Professor Kevin Fu Acting Director of Medical Device Security in its Center for Devices and Radiological Health. This is a newly created 12-month post in which Fu will “work to bridge the gap between medicine and computer…
Lazarus targets defense industry with ThreatNeedle
Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…
Privacy Policy Ponderings
Matt Fisher writes: … Could a Privacy Policy be viewed as a contract of adhesion? First, that raises the question of what exactly is a contract of adhesion. It can be a standard form contract that is drafted by one party, often with more leverage, and presented to another party for acceptance without the opportunity…