Bill Toulas reports: A group of 19 large companies and experts in the field of cybersecurity have felt the need to do something tangible to stop the rise of the ransomware threat, and so they have united forces under the ‘Ransomware Task Force’ (RTF). The group has the goal of developing new technical solutions, as…
Twitter Fine: a View into the Consistency Mechanism, and “Constructive Awareness” of Breaches
Mark Young, Shona O’Donovan and Paul Maynard of Covington & Burling writes about the recent news-making fine the DPC issued to Twitter. They write, in part: Process aside, the DPC’s decision contains some interesting points on when a controller is deemed to be “aware” of a personal data breach for the purpose of notifying a…
Microsoft identifies second hacking group affecting SolarWinds software
Sean Lyngaas reports: Microsoft revealed that a second hacking group had deployed malicious code that affects software made by SolarWinds, the federal contractor at the center of a suspected Russian espionage campaign against multiple U.S. government agencies. “[T]he investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects…
Securing Picture Archiving and Communication System (PACS) Cybersecurity for the Healthcare Sector:
NIST SP 1800-24 OCR is sharing the National Cybersecurity Center of Excellence’s (NCCoE) at the National Institute for Standards and Technology (NIST) SP 1800-24, Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector. This practice guide can help HIPAA covered entities and their business associates implement current cybersecurity standards and best practices to…
Breach alerts dismissed as junk? New guide for sending vital emails may help
An article by Bradley Barth raises a number of good points for entities to consider — BEFORE they ever need to send breach notification emails. And not only does the article describe considerations for entities/senders, but the article also provides some tips for recipients of notification emails: …the Messaging, Malware and Mobile Anti-Abuse Working Group…
WA: City of Ellensburg is the victim of a ransomware cyberattack
Dylan Carter reports that the city confirms it is the victim of a ransomware attack. The type of ransomware has not been named publicly, nor the amount of any ransom demand. The majority of the City of Ellensburg’s network drives and data cannot be accessed. With that being the case, all city departments are being…