Federal privacy law faces new hurdles ahead of markup

Business groups and civil rights activists have raised objections to the latest version of the legislation, due for committee consideration Thursday.

The post Federal privacy law faces new hurdles ahead of markup appeared first on CyberScoop.

Continue reading Federal privacy law faces new hurdles ahead of markup

How CISA’s list of “must-patch” vulnerabilities has expanded in both size, and in who’s using it

While CISA says the catalog is catching on, some think it needs improvement.

The post How CISA’s list of “must-patch” vulnerabilities has expanded in both size, and in who’s using it appeared first on CyberScoop.

Continue reading How CISA’s list of “must-patch” vulnerabilities has expanded in both size, and in who’s using it

Vigilante hacking campaign blocks victims from visiting The Pirate Bay, other piracy sites

A hacker doesn’t appear to be happy with the amount of digital piracy out there. A wave of malicious software downloads from October 2020 to January 2021 blocked users from visiting websites that host pirated versions of video games, Microsoft Office and other programs, analysts at antivirus firm Sophos said Thursday. One malware strain borrowed name recognition from The Pirate Bay, a notorious portal that directs users to copyrighted material while also serving up malicious software and nefarious advertisements. The vigilante disguised their malicious code as pirated software on Discord, a popular chat service, and on file-sharing service BitTorrent, Sophos said in a blog post. But instead of getting a bootlegged version of a video game like Minecraft, targets of the campaign downloaded malicious code that prevented their machines from visiting websites for pirated software. In some cases, the attacker made the malicious code appear as if it came from […]

The post Vigilante hacking campaign blocks victims from visiting The Pirate Bay, other piracy sites appeared first on CyberScoop.

Continue reading Vigilante hacking campaign blocks victims from visiting The Pirate Bay, other piracy sites

Government, industry scramble to prioritize ransomware amid fallout from pipeline, JBS breaches

Three weeks ago, the U.S. Chamber of Commerce — the most powerful business lobby in the country — called on the federal government to take several steps to combat ransomware. This week, the White House’s deputy national security adviser penned a letter to industry … urging them to take several steps to combat ransomware. Those are two of the latest moves in a long dance between the feds and private sector over cybersecurity, with a tempo that has hastened considerably since the Colonial Pipeline ransomware attack. Even as both sides say the respective calls for action on ransomware in the oft-hailed “public-private partnership” are well-received, they’re redoubling their messages to each other. As the ransomware challenge looms increasingly large and has proven difficult to wrestle, two of the largest players are trying to find their footing. “While businesses need to do what they can to enhance their security, the government […]

The post Government, industry scramble to prioritize ransomware amid fallout from pipeline, JBS breaches appeared first on CyberScoop.

Continue reading Government, industry scramble to prioritize ransomware amid fallout from pipeline, JBS breaches

Scanning for Flaws, Scoring for Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair… Continue reading Scanning for Flaws, Scoring for Security