Browsing Category
CyberSecurity
49 posts
NHS Cyber Attack Highlights Third-Party Risk
A recent cyber attack targeting a blood test provider contracted by the NHS has resulted in the theft…
Cyber Chiefs Express Concerns Over Vendor Security
Top cybersecurity executives are voicing apprehension regarding vendor security practices, shedding light on the growing concerns surrounding third-party…
EU Introduces Stringent AI Legislation
The European Union has unveiled comprehensive legislation aimed at regulating artificial intelligence (AI) technologies, with a strong focus…
2024 Cybersecurity Landscape Unveils Top Priorities for CISOs – Privacy and Third-Party Risk in the Spotlight
In a pivotal report detailing the top priorities for Chief Information Security Officers (CISOs) in 2024, privacy and…
ANSSI and BSI Jointly Release Guidelines on Remote Identity Proofing
France’s National Cybersecurity Agency (ANSSI) and Germany’s Federal Office for Information Security (BSI) have issued a joint release…
New York-Presbyterian Settles Pixel Tracking Case, Exposing Weakness in Data Sharing Practices
In a significant development, New York-Presbyterian Hospital has agreed to pay a $300,000 settlement to resolve a case…
Breaking News for the iGaming Community: Strive Gaming Attains Certification and Provisional Gaming Supplier License in Michigan
Strive Gaming has secured both certification and a provisional gaming supplier license in Michigan, marking a significant milestone…
Irish National Police Data Leak Highlights Third-Party Risk
A recent data breach incident involved the Irish National Police. This breach underscores the critical importance of addressing…
‘Grandoreiro’ Trojan Targets Global Banking Customers
A newly identified threat, the Grandoreiro Trojan, has set its sights on global banking customers, sending shockwaves throughout…
Microsoft unveil multi-year partnership with cyber insurance firm
Microsoft have announced a partnership with cyber insurance firm At-Bay to increase customers' online cybersecurity.
Howard University cancels classes after ransomware attack
Howard University was forced to cancel all classes following a ransomware attack. Read the linked article for further information.
SEC Charges Firms for Deficient Cybersecurity Policies and Procedures
Eight firms had email account takeovers that exposed the personal information of thousands of customers and clients.
Azure Database Vulnerability
Microsoft has had to warn thousands of Azure users that their data has been vulnerable for the last two years.
Due Diligence: FINRA Guidance on Supervising Vendor Cybersecurity
FINRA found that a large number of member firms had multiple shortcomings, causing violations of FINRA and SEC rules.
NIST Draft Guidance for Federal System Security Assessments
Special publication 800-53A forms part of the guidance to federal systems implementing NIST’s Risk Management Framework, addressing the assessment…
Regulator Powers: Mexico INAI Total Fines in First Semester of 2021
In the first 6 months of 2021, the INAI imposed fines for a total amount of 32,648,000 pesos…
Gigabyte, AMD and Intel Confidential Data Leak
cybernews.com/news/gigabyte-amd-intel-confidential-data-leaked-online/?utm_source=twitter&utm_medium=social&utm_campaign=cybernews&utm_content=tweet
Phishing: New York Court Allows Data Breach Claim Against Employer and Vendor
A phishing scam breached a third party vendor’s email systems, enabling hackers to access sensitive personal information for employees…
May 2021 saw a 440% increase in phishing, the single largest phishing spike on record
www.infosecurity-magazine.com/news/may-phishing-increase-webroot/
Mexico UNOTV Recommendations on Preventing Cyber Attacks
Cyber attacks orchestrated by ransomware and phishing continue to be a problem and organizations must work to ensure…
White House Memo Spurs Public-Private Initiatives
The Industrial Control Systems Cybersecurity Initiative is established as a voluntary collaboration between federal government and industry, aiming…
Regulator Powers: LGPD Sanctions Come Into Force
Effective August 1st, 2021, the ANPD may issue a fine of up to 2% of a company’s revenue in…
Ransomware threat continues to climb
www.zdnet.com/article/constant-review-of-third-party-security-critical-as-ransomware-threat-climbs/?ftag=COS-05-10aaa0g&taid=610adcaa74067c00018568d3&utm_campaign=trueAnthem%3A+Trending+Content&utm…
Zoom to Pay $85m Settlement
www.zdnet.com/article/zoom-to-pay-85m-settlement-to-set-aside-privacy-violation-and-zoombombing-allegations/?ftag=COS-05-10aaa0g&taid=6107e54da7fdb00001552aa9&utm_campaign=trueAnthem%3A+Trending+Co…
Biometrics: Brazilian Authority Investigates Collection of Fingerprints
The Brazilian Consumer Defense Institute has begun inquiry into two pharmacies for the collection and use of biometric…
Federal Bill Aims to Improve Contractor Cybersecurity
If passed, executive government agencies may not enter into a contract for IT services unless the contractor maintains…
NY DFS Key Measures to Reduce Ransomware Risks
Recommendations include training employees in cybersecurity awareness and how to prevent phishing attacks, implementing a vulnerability and patch…
Regulator Powers: US Executive Order Aims to Promote Competition in the American Economy
President Joe Biden signs Executive Order to strengthen America’s competitive marketplace and open economy; a whole-of-government effort is established…
Brazil Urgently Seeks to Establish AI Regime
If passed, the law will establish principles, rights and duties for the use of AI in Brazil, ensuring…
Liability – Banking: American Bankers Association Urges Rejection of Draft Uniform State Privacy Act
In their comment letter on the draft Uniform Personal Data Protection Act, issued jointly with state bankers associations, the ABA expressed…
NY DFS Clarifies Criteria for Small Business Exemptions
Covered entities are exempt from certain cybersecurity requirements when they and all of their affiliates have a combined…
NIST Defines Critical Software
As required under Executive Order 14028, “critical software” has been defined as any software that has, or has…
Ohio Introduces Personal Privacy Act
If passed, individuals in Ohio State will have the ability to opt-out of the sale of their personal…
Health care organizations struggle to balance breach notification requirements with customer expectations
www.scmagazine.com/home/security-news/data-breach/health-care-organizations-struggle-to-balance-breach-notification-requirements-with-customer-expectations/
Connecticut Enacts New Breach Notification Obligations
Effective October 1, 2021, the deadline for breach notification to State residents would decrease from 90 to 60…
Federal Bill Introduced to Increase Transparency by Internet Platforms
If passed, platforms with 30 million or more active monthly US users must provide notice of any algorithms…
Texas Expands AG Breach Notification Requirements
Effective September 1, 2021, companies reporting breaches of system security to the State AG must include the number…
Chilean Insurance Regulator Standards for Risk Management
Insurers should address responsibilities and ownership of, and financial resources for, a cybersecurity framework, implement a process for regular…
Most ransomware victims hit again
Most Ransomware Victims Hit Again After Paying – Infosecurity Magazine: https://www.infosecurity-magazine.com/news/most-ransomware-victims-hit-again/
Unfair or Deceptive Acts: Movie Ticketing App Enters Into FTC Settlement
The company denied consumers access to services they paid for, stored consumer data in plain text, and failed…
US Executive Order Aims to Improve Incident Detection and Response
The private sector must adapt to the continuously changing threat environment by ensuring products are built and operate…
Illinois HB 3910 – Consumer Privacy Act updates
The Act is identical to the version introduced in the previous legislative session; if passed, businesses must comply…
Significant Risk Factors to Disclose to Investors
A law firm recommends that the “risk factor” section of a Private Placement Memorandum should address continuously evolving and…
Latest State News – Legislation: Utah Amends the Electronic Information and Data Privacy Act
If passed, law enforcement agencies must have a warrant to obtain location information, electronic information or data transmitted…
Connecticut Proposes Changes to Data Breach Rule
If passed, the deadline for breach notification to State residents would increase from 30 to 60 days. Notification…
Microsoft’s Privacy Chief Calls for Greater Consumer Data Protection to Aid Pandemic Recovery
https://www.law.com/corpcounsel/2020/10/19/microsofts-privacy-chief-calls-for-greater-consumer-data-protection-to-aid-pandemic-recovery/?slreturn=20200919212813
New York Department of Financial Services announced cybersecurity charges against First American Title Insurance Company.
Continuing our updates on Privacy Risk and Readiness Management. Despite the massive impacts of the pandemic on the…