Tonya Riley reports: The Securities and Exchange Commission voted Wednesday 3-1 to approve a recommendation for tighter mandatory cybersecurity requirements for financial institutions. The proposed rule will now open to public comment before a final vote. “The proposed rules and amendments are designed to enhance cybersecurity preparedness and could improve investor confidence in the resiliency of advisers…
Ransomware dev releases Egregor, Maze master decryption keys
Lawrence Abrams reports: The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. […] Fast forward 14 months later, and the decryption keys for these operations have now been leaked in the BleepingComputer forums by a user named ‘Topleak’ who claims to be…
NIST Publishes Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products
Micaela McMurrough, Ashden Fein, and Matthew Harden of Covington and Burling write: On February 4, 2022, the National Institute of Standards and Technology (“NIST”) published its Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products (“IoT Criteria”). The IoT Criteria make recommendations for cybersecurity labeling for consumer IoT products, in other words, for IoT…
Georgia voter info posted online after breach of software company
Mark Niesse reports: A data breach of the voting software company EasyVote Solutions exposed Georgia voters’ registration information on the internet, the company confirmed Tuesday. Public information about voters was posted to an online forum, but the breach didn’t involve Social Security numbers or driver’s license numbers, said Charles Davis, chief financial officer for EasyVote. Voter…
East Bay Community College Data Breached In Ransomware Attack
Shawn Taylor reports: Ohlone College was hacked in late January and the private information of some current and former students, staff and faculty was compromised, including Social Security and bank account numbers, according to school officials. The community college said in a Feb. 4 notice on its website and letters sent to students it had…
Puma hit by data breach after Kronos ransomware attack
The Kronos ransomware incident can’t seem to stay out of the news cycle. Not only has it disrupted payroll operations for numerous clients, leaving many employees without their correct weekly paychecks, but employee data has also been stolen. Sergiu Gatlan reports: Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit…