This looks to be another case where a court shoots downs claims of attorney-client privilege for a breach-related report. And once again, it seems to be a situation in which the firm could not show that the breach litigation was the sole purpose of the report or with whom it was shared. Read about this…
Category: Commentaries and Analyses
SolarWinds Says It Has Found Source of Massive Cyberattack
M. Corey Goldman reports: Security software provider SolarWinds (SWI) – Get Report revealed Tuesday that it has found the source of a highly sophisticated malicious code injection that it believes was used by the perpetrators of the recent cyberattack on the company and its clients, including federal government agencies. In a regulatory filing, SolarWinds said that it was…
Data, Privacy, Pandemic: India just had the Biggest Medical Records Breach Ever
Oommen C. Kurian writes: Public debate this week has been dominated by how WhatsApp compromises personal data and privacy, and the pros and cons of its competitors. On 5 January, there was a story on a technology portal about how details of COVID-19 test results of tens of thousands of patients were leaked on the net through…
Convicted Hacker Charged with Fraud and Identity Theft Committed While Incarcerated in Federal Prison
There’s an update to the case involving Ardit Ferizi, whose criminal history and conviction for hacking and providing material support to a terrorist organization have been covered previously. Just last month, Ferizi had been sentenced to 20 years in prison, but was granted a reduction to time served plus 10 years supervised release, to be…
Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers
A Proposed Rule by the Comptroller of the Currency, the Federal Reserve System, and the Federal Deposit Insurance Corporation on 01/12/2021 This document has a comment period that ends in 90 days. (04/12/2021). You can submit a formal comment on it. Summary: The OCC, Board, and FDIC (together, the agencies) invite comment on a notice of proposed rulemaking (proposed rule or…
Kaspersky Lab autopsies evidence on SolarWinds hack
Gareth Corfield reports: Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service. Referring to the hidden backdoor secretly implanted in SolarWinds’ Orion product, Kaspersky’s Georgy Kucherin wrote in a blog post on Monday: “While looking at the Sunburst backdoor, we discovered several features that overlap…