Jennifer Martin, Ashden Fein and Weiss Nusraty write: Last week, the U.S. Department of Justice (“DOJ”) released a voluntary frameworkfor organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments. This framework provides private entities a series…
UK: Patients’ records stolen from Walsall health worker’s car
Mike Woods reports: Patients’ personal therapy records were stolen from the car of a member of staff at Walsall Healthcare NHS Trust. The trust has admitted that therapy records of 41 patients and keys were stolen from the boot of a car in June and said it needs to ‘strengthen the processes for transporting patient…
Data Breach as Office 365 Admin Center Displays Usage Data from Other Tenants
Tony Redmond reports: The danger of making mistakes when changing cloud systems that run at massive scale was demonstrated on Thursday evening (August 3) when the Office 365 Admin Center suddenly started to reveal usage data belonging to other tenants. Reports flooded in from administrators who noticed that the reported email and SharePoint usage for…
INFORMATION SECURITY: OPM Has Improved Controls, but Further Efforts Are Needed
INFORMATION SECURITY: OPM Has Improved Controls, but Further Efforts Are Needed GAO-17-614: Published: Aug 3, 2017. Publicly Released: Aug 3, 2017. What GAO Found Since the 2015 data breaches, the Office of Personnel Management (OPM) has taken actions to prevent, mitigate, and respond to data breaches involving sensitive personal and background investigation information, but actions are…
Researcher Who Stopped WannaCry Ransomware Detained in US After Def Con
Update 1: This indictment may help explain things. Then again, it might not, as the more I read it, the more puzzled I am by the charges. Original Post: Joseph Cox reports: On Wednesday, US authorities detained a researcher who goes by the handle MalwareTech, best known for stopping the spread of the WannaCry ransomware…
Hackers have cashed out on $143,000 of bitcoin from the massive WannaCry ransomware attack
Ryan Browne reports: Hackers have cashed out on more than $143,000 worth of bitcoin relating to ransoms paid from the massive WannaCry cyber-attack earlier this year. Bitcoin payments made by victims of the WannaCry ransomware attack – which totaled 52.2 BTC (around $143,000) – were withdrawn from online wallets overnight. This was confirmed by Elliptic,…