Andrew Eversden reports: The National Institute of Standards and Technology is asking for public comments on a new report that provides insight into how organizations can integrate cybersecurity into enterprise risk management. The document, titled “NIST-Interagency Report 8286 Integrating Cybersecurity and Enterprise Risk Management,” advises organizations on how to improve the cybersecurity risk information they…
Report: unidentified database exposes 200 million Americans
The CyberNews research team reports: The CyberNews research team uncovered an unsecured database owned by an unidentified party, comprising 800 gigabytes of personal user information.The database in question was left on a publicly accessible server and contained more than 200 million detailed user records, putting an astonishing number of people at risk. On March 3, 2020, the…
COVID-19 Cybersecurity Advice: FTC, NIST, and CISA Release Guidance on Secure Teleworking and Critical Infrastructure Jobs
Ashden Fein, Trisha Anderson, Libbie Canter and Caleb Skeath of Covington & Burling write: In response to the drastic increase of U.S. employees working remotely, the U.S. Federal Trade Commission (“FTC”) and the U.S. National Institute of Standards and Technology (“NIST”) have both issued guidance for employers and employees on best practices for teleworking securely. …
FBI sees rise in fraud schemes related to the coronavirus (COVID-19) pandemic
A public service announcement issued by the FBI on Friday: Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them. Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing…
Security Breach Disrupts Fintech Firm Finastra
Brian Krebs reports: Finastra, a company that provides a range of technology solutions to banks worldwide, said today it was shutting down key systems in response to a security breach discovered this morning. The company’s public statement and notice to customers does not mention the cause of the outage, but their response so far is…
Oregon DHS notifies public of data breach
KTVZ reports: The Oregon Department of Human Services announced Friday that it uncovered a “phishing” incident on March 6 that affected one staff member’s e-mail. […] The security and confidentiality of private health information is critical to the Department of Human Services. While the department cannot confirm that any clients’ personal information was acquired from…