Gordon Lubold and Dustin Volz report: The Navy is hiring a new cyber chief in an attempt to better shield its military secrets from Chinese hackers and other nation-state thieves who have aggressively targeted naval operations in recent years, according to Navy officials. The new position is part of a broader effort to improve cybersecurity…
Category: Of Note
Polish data protection authority issues €645,000 fine to online retailer
Jessica Belton reports: Poland’s Personal Data Protection Office (UODO) this week imposed a PLN 2.8 million (€645,000) fine on online retailer Morele.net for “insufficient organisational and technical safeguards”. The data breach affected approximately 2.2 million customers who purchased products through one of the group’s nine websites. Read more on IT Governance.
Anonymous researcher drops vBulletin 5.x zero-day impacting tens of thousands of sites
Catalin Cimpanu reports: An anonymous security researcher has published details about a zero-day in vBulletin, today’s most popular internet forum software. Because of this individual’s actions, security experts are now concerned that the publication of details about this unpatched vulnerability could trigger a wave of forum hacks across the internet, with hackers taking over forum…
California Passes Several Amendments to the California Consumer Privacy Act
Dorian Simmons of Alston & Bird writes: The California legislature passed several amendments to the California Consumer Privacy Act of 2018 (Cal. Civ. Code §§ 1798.100 to 1798.190) (the “CCPA”) on September 13, 2019. (See our previous blog posts here: Which CCPA Amendments Made the Cut? and Potential Changes to the CCPA; California Senate Considers…
SEC’s Proposed Revisions to Regulation S-K Will Minimally Impact Cybersecurity Disclosure Requirements
Sara A. Arrow and Peter A. Nelson of Patterson Belknap write: It has been thirty years since the Securities and Exchange Commission (the “SEC”) significantly revised Regulation S-K, which sets forth reporting requirements for public companies. The SEC is now taking a fresh look at the rules, proposing for public comment amendments to modernize the…
Russian Hacker Pleads Guilty For Involvement In Massive Network Intrusions At U.S. Financial Institutions, Brokerage Firms, A Major News Publication, And Other Companies
There’s a follow-up to the case of the hacker involved in the 2014 JP Morgan hack. From the Department of Justice, today: Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced today that ANDREI TYURIN, a/k/a “Andrei Tiurin,” pled guilty in Manhattan federal court to computer intrusion, wire fraud,…