Catalin Cimpanu reports: A security researcher has published today details about four zero-day vulnerabilities impacting an IBM security product after the company refused to patch bugs following a private bug disclosure attempt. The bugs impact the IBM Data Risk Manager (IDRM), an enterprise security tool that aggregates feeds from vulnerability scanning tools and other risk management…
Category: Commentaries and Analyses
Everyone’s Working From Home Due to the Coronavirus – Is There Insurance Coverage for a Data Breach?
Jeffrey Dennis and Heather Whitehead of Newmeyer Dillion write: Most organizations are now requiring that their employees work from home (“WFH”) with the ongoing COVID-19 (commonly referred to as the Coronavirus) pandemic. These remote working arrangements provide new opportunities for hackers to infiltrate computer systems, and not surprisingly, attempted cyber attacks are on the rise. …
New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks
Peter Marta, Paul Otto, and Timothy Tobin of Hogan Lovells write: Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. The guidance highlights the heightened cybersecurity risks from the current crisis and NYDFS’ expectations that…
Hacking against corporations surges as workers take computers home
Joseph Menn reports: Hacking activity against corporations in the United States and other countries more than doubled by some measures last month as digital thieves took advantage of security weakened by pandemic work-from-home policies, researchers said. […] Software and security company VMWare Carbon Black said this week that ransomware attacks it monitored jumped 148% in…
CISA Alert (AA20-106A) Guidance on the North Korean Cyber Threat
Summary The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. The advisory highlights the cyber threat posed by North Korea – formally known as the…
Ca: Privacy breach company remains part of B.C. health data sharing
Jeremy Hainsworth reports: A medical company hit by an October ransomware data privacy breach affecting 15 million Canadians is again named in a B.C. ministerial order as a company that can share British Columbians’ data. But, say observers, there is no issue for British Columbians to worry about as any liability rests with the government…