UK NCSC and Insurance Associations Publish Guidance on the Approach to Ransom Payments

Financial and insurance organizations have been under increasing attack by Scattered Spider. Now there is more guidance for entities. Hunton Andrews Kurth notes: On May 14, 2024, the UK National Cyber Security Centre (“NCSC”) and three major UK insuran…

SEC amends Reg S-P to require data breach notification within 30 days

Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers with…

Dell notifies customers of breach; seller “Menelik” is ShinyHunters (1)

On April 28, a new forum user on BreachForums called “Menelik” claimed to have 49 million Dell Technologies customer records for sale. The Daily Dark Web provided a screencap and details from the listing. The customer data purportedly incl…

Years later, Marriott admits data were not encrypted before its 2018 data breach. Now what?

What might happen to a company that has been making false claims about its system security for more than five years after experiencing a massive data breach? Will state attorneys general, the SEC, and the FTC investigate and possibly penalize them for …

Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company

For those who would like a timely reminder about making sure you terminate access and take control of devices immediately when an employee or contractor terminates employment, consider this press release from the Southern District of New York on May 1….

Conservative News Websites Hacked, Replaced With Page Leaking Private Information

Charlie Nash reports: Two conservative news websites – Human Events and The Post Millennial – were hacked on Thursday evening and replaced with a page leaking private information. Both websites were taken down by unnamed hackers and replaced with a fak…