Statement to be submitted by the Electronic Frontier Foundation, accredited under operative paragraph No. 9 of UN General Assembly Resolution 75/282, on behalf of 124 signatories. We, the undersigned, representing a broad spectrum of the global security research community, write to express our serious concerns about the UN Cybercrime Treaty drafts released during the sixth session and the most recent…
Category: Of Note
HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Montefiore Medical Center, a non-profit hospital system based in New York City for several potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. OCR is responsible for administering and enforcing health information…
EU and United States enhance cooperation on cybersecurity
The EU and the United States took an important step to further strengthen their mutual cyber resilience and foster a secure global cyberspace During his visit to Washington D.C., Thierry Breton, Commissioner for Internal Market issued a joint statement with Alejandro N. Mayorkas, United States Secretary of Homeland Security, recalling the importance of cooperation between like-minded partners to address…
Cloudflare hacked using auth tokens stolen in Okta attack
Sergiu Gatlan reports: Cloudflare disclosed today that its internal Atlassian server was breached by a suspected ‘nation state attacker’ who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system. The threat actor first gained access to Cloudflare’s self-hosted Atlassian server on November 14 and then accessed the company’s Confluence and Jira…
Ex-CIA software engineer sentenced to 40 years for giving secrets to WikiLeaks
The Guardian reports: A former Central Intelligence Agency (CIA) software engineer who was convicted for carrying out the largest theft of classified information in the agency’s history and of charges related to child abuse imagery was sentenced to 40 years in prison on Thursday. The 40-year sentence by US district judge Jesse Furman was for…
FTC Order Will Require Blackbaud to Delete Unnecessary Data, Boost Safeguards to Settle Charges its Lax Security Practices Led to Data Breach
FTC says company’s poor security allowed hacker to steal sensitive data of millions of consumers, go undetected for months South Carolina-based Blackbaud Inc. will be required to delete personal data that it doesn’t need to retain as part of a settlement with the Federal Trade Commission over charges that the company’s lax security allowed a…