Maggie Miller reports: Key industry groups on Wednesday pushed to give organizations at least three days to report cybersecurity incidents to the federal government, effectively opposing Senate legislation that would give them 24 hours to report breaches. Read more on The Hill.
Category: Of Note
VaxiCode flaw: Quebec refused to give immunity to the whistleblower
Thomas Gerbet reports (machine translation follows): Contrary to what the Minister of Digital Transformation, Eric Caire, said, the Quebec government has never offered immunity to the computer scientist who discovered the security flaw in the VaxiCode health passport application. Exchanges of emails obtained by Radio-Canada reveal the underside of this affair and show that the…
New York State Comptroller DiNapoli Releases More School District Audits
Comptroller DiNapoli released more school district audits this week. As this site has done in the past, we are listing the ones that deal with information technology. The summaries are below; the links take you to the fuller reports, but as as always: (1) the results are not good (to put it as diplomatically as…
Ragnarok ransomware releases master decryptor after shutdown
Ionut Ilascu reports: Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware. The threat actor did not leave a note explaining the move and all of a sudden replaced all the victims on their leak site with a short instruction on how…
California DOJ Must Be Notified About Breaches of the Health Data of 500 or More California Residents
HIPAA Journal reminds us all that states can require notification to the state of breaches that are also covered by HIPAA and can take enforcement action if they are not reported: Recently, there have been several instances where the California DOJ has not been notified about ransomware attacks on California healthcare facilities, even though the…
Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents
Brian Krebs reports: In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for developing a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings….