Sara Merken reports: The Federal Trade Commission is issuing specific data security requirements to companies as part of agency settlements, policing businesses more aggressively than before, attorneys and former staff said. Proposed settlements reached this year with LightYear Dealer Technologies LLC, ClixSense.com, Unixiz Inc, and D-Link Systems Inc. show what the FTC is expecting in…
Category: Commentaries and Analyses
Author of multiple IoT botnets pleads guilty
Catalin Cimpanu reports: A 21-year-old from Vancouver, Washington pleaded guilty today to creating and operating multiple iterations of DDoS botnets made up of home routers and other networking and Internet of Things (IoT) devices. Kenneth Currin Schuchman, known online as Nexus Zeta, rented access to these botnets to others, but he also used the botnets…
AU: Breach notification rules for new government data scheme, but no consent for sharing
Rohan Pearce reports: New legislation that will enable data collected by public sector agencies to be more easily shared is expected to be accompanied by new rules for data breach notifications, a discussion paper released today by the government said. The government in May 2018 said it would introduce a new data sharing and release…
BEC overtakes ransomware and data breaches in cyber-insurance claims
Catalin Cimpanu reports: Business email compromise (BEC) has overtaken ransomware and data breaches as the main reason companies filed a cyber-insurance claim in the EMEA (Europe, the Middle East, and Asia) region last year, said insurance giant AIG. According to statistics published in July, AIG said that BEC-related insurance filings accounted for nearly a quarter…
Student surprise: malware masked as textbooks and essays
From the Kaspersky Team, this useful alert: We have written on numerous occasions about how easy it is to inadvertently pick up some nasty stuff when you try to download popular TV shows or game cheats. However, cybercriminals do not just limit themselves to entertainment products. You can also stumble upon a virus when looking…
Over 47,000 Supermicro servers are exposing BMC ports on the internet
Catalin Cimpanu reports: More than 47,000 workstations and servers, possibly more, running on Supermicro motherboards are currently open to attacks because administrators have left an internal component exposed on the internet. These systems are vulnerable to a new set of vulnerabilities named USBAnywhere that affect the baseboard management controller (BMC) firmware of Supermicro motherboards. Read…