Following up on President Biden’s recent executive order and the Justice Department’s notice of proposed rulemaking, CISA has issued the following: PROPOSED SECURITY REQUIREMENTS FOR RESTRICTED TRANSACTIONS Pursuant to Exec. Order 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern On February 28, 2024, President Biden signed…
Madras High Court dismisses petition seeking probe into Star Health Insurance data breach
Ayesha Arvind reports: The Madras High Court Wednesday dismissed the petition filed by cyber security researcher Himanshu Pathak seeking a probe into the alleged data breach at national insurance firm, Star Health Insurance. Justice M Dhandapani dismissed Pathak’s petition after noting that a civil suit filed by Star Health last year dealing with the same issue is already pending…
Pro-Palestinian hacktivists attack infrastructure in Cyprus
Yemen News Agency (SABA) reports that infrastructure attacks by a number of pro-Palestinian groups has caused temporary disruption to banks, airports and government websites in Cyprus: The first warnings about a possible cyber operation against Cyprus appeared last week, following statements on Telegram and dark web forums from groups such as “Lulzsic Black” (sic), “Moroccan…
The Global State of Internet of Healthcare Things (IoHT) Exposures on Public-Facing Networks
Censys recently published a new research report that looks at exposed data on the internet involving healthcare devices and systems connected to PHI. Here’s their Executive Summary: Censys discovered 14,004 unique IP addresses exposing healthcare devices and data systems connected to potentially sensitive medical information on the public internet. These exposures greatly raise the risk of unauthorized…
Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of ransomware attack
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…
Justice Department Issues Comprehensive Proposed Rule Addressing National Security Risks Posed to U.S. Sensitive Data
From the U.S. Department of Justice, October 21: Proposed Rule Would Establish New Program to Implement Executive Order to Prevent Access to Americans’ Sensitive Personal Data by Russia, Iran, China, and Other Countries of Concern Note: Read the Department’s fact sheet on this matter here. The Justice Department today issued a Notice of Proposed Rulemaking (NPRM) to implement…