House subcommittee hears testimony on data breach law

House subcommittee hears testimony on data breach law

Testimony in House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade hearing aimed at shaping national data breach notification law.

FCC warns businesses: Wi-Fi blocking prohibited

In an attempt to put the issue to rest, the agency warned businesses against blocking guests' personal hotspots.

How organizations can prepare for 2015 data privacy legislation

How organizations can prepare for 2015 data privacy legislation

Many states have laws today that require corporations and government agencies to notify consumers in the event of a breach - but it is not enough.

Report: Most U.S. weapons programs contain 'significant vulnerabilities'

The head weapons tester at the Pentagon has released a report that indicates a slew of vulnerabilities affecting Department of Defense networks.

Eleventh Circuit dismisses LabMD motion questioning FTC authority

LabMD can challenge the FTC's enforcement authority in federal court once the agency comes to a final decision on the exposure of patient data.

Changes made to Healthcare.gov regarding personal data sent to third parties

The Obama administration has scaled back the amount of personal information of Healthcare.gov users it sends to third parties.

Proposed CFAA revisions agitate IT security community

Proposed CFAA revisions agitate IT security community

The security community is voicing concern over proposed revisions to the Computer Fraud and Abuse Act (CFAA) by taking to Twitter and personal blogs.

Congress to hold first data breach legislation hearing

The 114th Congress will meet on Tuesday, Jan. 27 to discuss potential national breach notification legislation that might require companies to notify affected customers within 30 days.

NAFCU asks Congress to create bipartisan data breach working group

NAFCU asks Congress to create bipartisan data breach working group

The National Association of Federal Credit Unions sent Congressional leaders a letter calling for the creation of a bipartisan working group to shape breach legislation.

Barrett Brown sentenced to 63 months in prison

Barrett Brown sentenced to 63 months in prison

In April 2014, Brown pleaded guilty to posting an online threat aimed at a federal agent, as well as other charges.

DOJ settles fake Facebook page case, awards plaintiff $134K

A woman accused a federal agent of using her cellphone data to create a fake Facebook page.

Obama talks cybersecurity legislation in State of the Union

Obama talks cybersecurity legislation in State of the Union

The President urged Congress to pass law that would better protect the nation from emerging cyber threats.

GCHQ collected emails of journalists at major media orgs

One of the affected media outlets, the Guardian, revealed the news.

Congressman asks Holder to review Christie's access to private E-ZPass data

Congressman asks Holder to review Christie's access to private E-ZPass data

A New Jersey congressman has asked the Justice Department to investigate whether New Jersey Governor Chris Christie and a Port Authority official violated state privacy laws when they revealed E-ZPass data.

Report: NSA efforts influenced U.S. stance on Sony attack

Report: NSA efforts influenced U.S. stance on Sony attack

The New York Times revealed new info on NSA's years-long surveillance efforts against North Korea.

U.S. and U.K. to team up in cyber defense exercises

The coordinated effort includes a newly formed cyber cell comprised of officials from the NSA, FBI and Britain's GCHQ and MI5.

After FCC fine, Marriott says it won't block guests' Wi-Fi networks

Last October, the FCC came after Marriott with a $600,000 fine.

New York AG proposes legal protections for medical data, login info

New York AG proposes legal protections for medical data, login info

The attorney general is pushing lawmakers to back legislation that would expand the definition of protected "private information."

Head of Marine Forces Cyber Command to lead DIA

Maj. Gen. Vincent Stewart will be the first African-American and Marine to head the Defense Intelligence Agency.

On heels of Obama privacy talk, senator to reintroduce breach notification bill

On heels of Obama privacy talk, senator to reintroduce breach notification bill

A Florida senator is drafting the Data Security and Breach Notification Act of 2015, a year after similar legislation was introduced.

DOE to support cybersecurity ed at HBCUs with $25M in grants

The grants, provided over the next five years, will support training at historically black colleges and universities.

NJ law requires health insurance carriers to encrypt sensitive data

New Jersey Governor Chris Christie signed the legislation last Friday.

Obama to call for national breach notification law, student privacy bill

Obama to call for national breach notification law, student privacy bill

Speaking to the Federal Trade Commission (FTC), President Obama said he will propose a Personal Data Notification and Protection Act and a Student Data Privacy Act.

Declassified info shows FBI's role in warrantless surveillance increased

Declassified info shows FBI's role in warrantless surveillance increased

A FOIA lawsuit by The New York Times stirred the Justice Department to make new information available.

FBI shares info on Sony hack, but doubt in N. Korea theory lingers

FBI shares info on Sony hack, but doubt in N. Korea theory lingers

The FBI director said that attackers failed to use proxy servers to conceal their whereabouts when sending threatening emails to Sony employees.

Snowden: Cyber attack defenses weakened by U.S. policies

Whistleblower Edward Snowden believes that U.S. policy regarding cyber security is creating a system of incentives for researchers to sell vulnerabilities to secret government agencies.

Congressman presses KeyPoint for answers following data breach

Rep. Elijah Cummings requested information related to the KeyPoint Government Solutions breach, including records of previous intrusions, forensic analysis and suspected identities.

White House passes on petitions to fire Swartz prosecutors

The petitions called for the firing of federal prosecutors in Aaron Swartz's case.

Former CBS reporter claims gov't hacked computer, sues for $35M

Journalist Sharyl Attkisson claims the federal government secretly monitored her personal and work computer due to her coverage on controversial topics.

Pro-Russian group claims it hacked German Chancellor website

A pro-Russian organization has claimed credit for a distributed denial-of-service attack made several German government websites unavailable to visitors.

AP report: North Korea cyber army has 6,000 members, South Korea says

South Korea revealed that North Korea has amassed a "cyber army" made up of 6,000 members, and the team is dedicated to targeting South Korea's military and government.

In child porn case, former HHS cybersecurity director gets 25 years

In child porn case, former HHS cybersecurity director gets 25 years

Timothy DeFoggi, the former acting director of cybersecurity for Health and Human Services, was convicted in August 2014.

President imposes sanctions against North Korea for Sony attack

President imposes sanctions against North Korea for Sony attack

President Obama has issued a formal U.S. response to the Sony hack in the form of sanctions against North Korea.

FBI: Sony hackers threatened U.S. news organization

FBI: Sony hackers threatened U.S. news organization

Early reports suggest that the news organization being threatened is CNN.

Gmail service possibly restored in China following four-day outage

China-based Gmail users reported issues accessing their accounts via third-party email services, but service may have since been restored.

FBI searching for cyber experts to become special agents

Recruits would have the opportunity to become the lead agent in counterterrorism or counterintelligence investigations.

U.S. uses TiSA talks to seek breach investigation immunity for American companies

Leaked documents show the U.S. lobbying for major companies to be pursued in American courts rather than in host countries where they operate.

Cyberattack fells German iron plant

A German iron plant fell victim to a cyberattack that caused physical damage, according to a report on Wednesday from a German federal agency.

North Korea's internet access unstable

Access to the internet within North Korea has been undependable in the past 24 hours.

40,000 federal employees impacted by contractor breach

Federal contractor KeyPoint Government Solutions, which conducts background checks on federal employees, has been impacted by a data breach.

Sony investigation reveals North Korea behind cyber attack, FBI says

Following an investigation which involved other U.S. government departments and agencies, the agency concluded that the North Korean government conducted the Sony Pictures Entertainment cyber attack.

White House calls Sony hack a "serious national security matter," gov't mulls proper response

White House calls Sony hack a "serious national security matter," gov't mulls proper response

Sony Pictures recently canceled the "The Interview" movie release, following hacker threats.

FBI op, leading to child porn convictions, used Metasploit

Several were arrested in Operation Torpedo, including former acting HHS cyber director DeFoggi.

Senate and House pass cybersecurity bill

The U.S. House of Representatives and the Senate passed to the CyberSecurity Enhancement Act of 2014, giving NIST the go-ahead to develop voluntary cyber standards for critical infrastructure.

House, in rush vote, passes Intelligence Authorization Act

House, in rush vote, passes Intelligence Authorization Act

The Senate passed the Act on Wednesday after adding a controversial amendment and the House rushed to pass it with little room for debate.

Site operator pleads guilty to facilitating prostitution, a first in federal convictions

Site operator pleads guilty to facilitating prostitution, a first in federal convictions

Eric Omuro, who also goes by "Red," ran the site myRedBook.com.

Court hears oral arguments for appeal in Smith v. Obama

Court hears oral arguments for appeal in Smith v. Obama

Peter Smith, the husband and lawyer of plaintiff Anna Smith, argued that her Fourth Amendment rights were violated in dragnet surveillance by the NSA.

North Korea: Sony Pictures hack may be work of gov't supporters

North Korea: Sony Pictures hack may be work of gov't supporters

Meanwhile, an internal email between execs at Sony Pictures and Mandiant, the forensics unit tapped to investigate the breach, leaked to the press.

The proliferation of mandates

The proliferation of mandates

The reality of ubiquitous reliance on ICT has given rise to the criticality of cyber security, says Cisco CSO Edna Conway.

Report: NSA operation to identify cell phone network weaknesses, exploit for surveillance

The NSA intercepted communications from hundreds of email accounts from major cell phone network operators to exploit network weaknesses for surveillance purposes.

Bill introduced, bans government mandates to build weaknesses into technologies

U.S. Senator Ron Wyden introduced the Secure Data Act on Thursday to prohibit federal agencies from mandating that backdoors and other security vulnerabilities be built into U.S. software and electronics.

House passes critical infrastructure protection bill

The U.S. House of Representatives unanimously approved three bills, including the Critical Infrastructure Protection Act.

Credit unions urge Congress to enforce security standards for retailers

The National Association of Federal Credit Unions is asking Congress to establish national data breach and notification standards for retailers.

Regin: nation-state possibly behind the stealthy modular spying malware

Regin: nation-state possibly behind the stealthy modular spying malware

Symantec is referring to the malware as 'groundbreaking,' particularly due to the advanced techniques it uses to conceal itself.

DHS, FBI sound alert on holiday cyber scams

The FBI and Homeland Security's US-CERT team have both warned that online scams, taking advantage of the holiday shopping frenzy, will be plentiful this season.

International commission to create recommendations on internet governance

The 29-member Global Commission of Internet Governance Innovation features political leaders, global academics and business leaders that will explore pressing topics in the digital world.

NSA director states China can shut down U.S. electric grids, report indicates

The director of the NSA stated that China, as well as "one or two" other countries, is capable of launching cyberattacks to shut down electric grids and other critical infrastructure in parts of the U.S.

ACLU requests info on gov't spy program using 'dirtboxes'

Earlier this month, it was revealed that DOJ uses "dirtboxes" attached to aircrafts to spy on Americans' mobile devices.

USPS draws ire of Congress over data breach response

USPS draws ire of Congress over data breach response

Members of the USPS testified before a House subcommittee Wednesday, drawing criticism over the delay in its breach notification to impacted employees.

NATO launches largest cyber exercise to test its network security

With more than 400 technical, government and cyber experts involved, Cyber Coalition 2014 tested the speed of sharing threat intelligence.

USA Freedom Act foiled by Senate Republicans

USA Freedom Act foiled by Senate Republicans

The USA Freedom Act, aimed at NSA surveillance reform, failed to pick up enough votes to avoid a Republican filibuster.

VA falters in cybersecurity audit for 16th year

Veterans Affairs has failed an annual cybersecuirty audit for the 16th year in a row, a new report reveals.

State Department hack may be tied to White House network breach

State Department hack may be tied to White House network breach

The AP reported on Sunday that the State Department had its unclassified system compromised. The news follows the breach of three other government entities' systems.

'Stingray' requirement approved in Washington

Judges in Pierce County, Wash. approved a new requirement that would make law enforcement officials explicitly cite when they plan to use 'stingray' technology during an investigation.

U.S. spy program targeting Americans' mobile phones, report says

U.S. spy program targeting Americans' mobile phones, report says

The U.S. Department of Justice is attaching small devices to airplanes that gather massive amounts of mobile phone data, including the data of innocent Americans, a Wall Street Journal report indicates.

IBM leverages Big Data in $325M DOE deal

The funding will support the development of two new supercomputers.

Federal data breach legislation advances as provincial lapse nears

A Canadian federal bill that would force companies to notify individuals of breaches moved a step closer to being law in October.

Wildfire breach affects 15,000

British Columbia's provincial government is notifying 15,000 individuals after a privacy breach in its Wildfire Management Branch.

RCMP record keeping needs work, says Privacy Commissioner

Canada's RCMP cannot tell whether it complies with federal privacy law when gathering information about citizens without a warrant, according to a report.

Norse wins $1.9M DOE contract to secure energy sector operators

The Department of Energy contract will allow Norse to support the agency's Cybersecurity Risk Information Sharing Program (CRISP).

Slew of black marketplaces, including Silk Road 2.0, go dark in Fed sweep

Slew of black marketplaces, including Silk Road 2.0, go dark in Fed sweep

Seventeen suspected members of online marketplaces, including Silk Road 2.0's alleged operator, have been arrested.

Gov't AIDS websites left user data unencrypted

The government has begun encrypting user data on two websites providing AIDS-related information.

Report: Dutch gov't OKs Drinkman extradition to U.S.

Vladimir Drinkman, who was charged for his involvement in the Heartland breach, is currently in the Netherlands.

Does an Executive Order make payments more secure in the U.S.?

Does an Executive Order make payments more secure in the U.S.?

This year has been so bad for merchant data breaches that the president felt the need to ensure that the government would offer itself as a more safe and secure place to do business with.

Acting out: Cyber simulation exercises

Acting out: Cyber simulation exercises

Simulation exercises show how companies should respond under a cyberattack, says HHS's Sara Hall. Teri Robinson reports.

Schumer: Feds should do 'top to bottom' probe of online drug marketplaces

Sen. Charles Schumer of New York has called on federal law enforcement officials to stop "copy cat websites."

HackingTeam spying manuals posted online

The Italian spyware company had its manuals posted online that detail how thoroughly an infected user's actions can be monitored.

Attack on White House systems breached unclassified networks

The White House experienced a sustained cyberattack on its systems that impacted its network for nearly two weeks.

FBI uncovers second person leaking government documents

The unnamed leaker's house was searched and a criminal case was opened after documents about the U.S. government's terrorist watch list were published.

US-CERT warns of phishing campaign spreading Dyre

The credential-stealing malware Dyre has been tied to a string of phishing attacks.

WorldPay hacker sentenced to 11 years for role in $9.4M scheme

WorldPay hacker sentenced to 11 years for role in $9.4M scheme

An Estonian man, Sergei Tsurikov, was sentenced Friday after helping to steal over $9.4 million from payment processor RBS WorldPay in 2008.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.

Chinese MitM attack targets iCloud users

Chinese MitM attack targets iCloud users

The attack used a false certificate to trick iCloud users into handing over personal data and login credentials. With an attack of this size, some experts and researchers believe the Chinese government could be to blame.

ISA president urges state AGs to expand understanding of cybercrime

Speaking at a National Association of State Attorneys General conference, ISA's Larry Clinton asked the AGs to step up efforts to get more resources.

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House cyber guru says

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

DHS investigates possible vulnerabilities in medical devices, report indicates

DHS investigates possible vulnerabilities in medical devices, report indicates

Reuters reported on Wednesday that DHS is investigating roughly 24 cases of suspected vulnerabilities in medical devices and hospital equipment.

Progress on national breach notification law may stall

A bill, which would require a national reporting standard, has failed to make it before the Senate or House this year.

JPMorgan Chase hackers missed fed gov't employee accounts

Information on half a million federal workers in the government's SmartBuy program went undetected by Chase hackers.

Google updates piracy-fighting report

The search engine company updates it piracy report to let users know how its adjusting search results to stop illegal piracy efforts.

President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.

TD Bank reaches $850K breach settlement with states

The settlement brings some resolve to the 2012 breach, where the bank lost unencrypted backup tapes.

N.M. man, who intercepted governor's emails, sentenced to nine months

Jaime Estrada was sentenced to nine months in prison and was ordered to pay a $10,000 fine.

ABA wants to automatically call and text mobiles regarding breach and fraud alerts

With data breach and fraud alerts in mind, the ABA filed a petition on Tuesday asking the FCC to remove "outdated regulatory restrictions" that prevent sending automated calls and texts to mobile devices.

'Sandworm Team' exploits zero-day bug in espionage campaign

'Sandworm Team' exploits zero-day bug in espionage campaign

A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world.

EFF urges court to find NSLs unconstitutional

EFF urges court to find NSLs unconstitutional

National Security Letters (NSLs) tread on the First Amendment and give the FBI too much authority, EFF argued.

AT&T to pay $150M to settle cramming case, covers $80M in refunds

AT&T to pay $150M to settle cramming case, covers $80M in refunds

The settlement marks the largest FCC enforcement action to date, and also involved the FTC and state attorneys general.

Twitter sues U.S. government over sharing limits on transparency report data

Twitter sues U.S. government over sharing limits on transparency report data

The social media giant believes the limits imposed by the DOJ on data in transparency reports for its users violates its First Amendment rights.

Marriott to pay $600K fine for blocking guests' Wi-Fi networks

The FCC launched an investigation last year after a consumer complained of the practice.

Same battle, different field

Same battle, different field

Cyberwarfare is so new that the ground rules are still being established. Nazan Osman provides an overview.

The great communicator: Government policy

The great communicator: Government policy

It's all about what you say and how you say it, says DHS's Phyllis Schneck. Teri Robinson reports.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US