Mark Duell reports: British Airways was today accused of trying to limit a potential £3billion payout over the data breach that saw cyber-hackers steal more than 500,000 customers’ details. The airline has applied to launch its own class action for victims of the hack – but with the condition that claimants must join within just…
Category: Commentaries and Analyses
Phishing attacks on Mac users doubling; here’s what to watch for
Ben Lovejoy reports: Phishing attacks reaching macOS users look set to more than double this year, with emails specifically claiming to be from Apple growing at 30%-40% per year. […] Kaspersky says that its figures reflect only attacks on Macs running its own security software — many of which are in corporate environments — suggesting…
Operation reWired: Worldwide Sweep Targets Business Email Compromise
The FBI and federal partners today announced scores of arrests in the United States and overseas in a coordinated law enforcement sweep targeting perpetrators of an insidious scam that tricks businesses and individuals into wiring money to criminals. Operation reWired, a months-long, multi-agency effort to disrupt and dismantle international business email compromise (BEC) schemes, resulted…
Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds
Orin Kerr writes: The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation. Under the new decision, violating the CFAA…
Secret Service Investigates Breach at U.S. Govt IT Contractor
Brian Krebs reports: The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections…
DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input
Susan B. Cassidy, Samantha Clark, Ryan Burnette and Ian Brekke of Covington & Burling write: On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within…