Some researchers argue that the situation showcases why Facebook must revisit how it handles and secures personal information.
Coral Glades High School, part of Broward County Public Schools. The $40 million ransomware attack on the district was one of a wave of cases targeting educational institutions over the last couple of weeks. The Conti ransomware gang encrypted the systems at Broward County Public Schools several weeks ago and threatened to…
In a detailed update posted on the Qualys website April 2, CISO Ben Carr said that an independent, third-party forensic firm has verified the company’s initial determination that the attack did not jump from Accellion’s file transfer appliance server to Qualys’ larger corporate network.
U.K. clothing retailer FatFace has egg on its face after a botched disclosure letter that customers and security professionals consider too late, too secretive and too hard to confirm.
In the words of one expert: “The theft of customer policies is the Sword of Damocles that has been hanging over the cyber insurance industry since its inception.”
Experts say the idea has merit – if only legislators can balance the promise with the potential liability and burden placed upon industry.
A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada. Now experts are weighing in on the potential ramifications that can befall an organization if security footage is leaked or falls into the wrong hands.
A surge of breaches against Microsoft Exchange Server appears to have rolled out in phases, with signs also pointing to other hackers using the same vulnerabilities after Microsoft announced a patch.
The latest details confirm a trend SC Media reported earlier in the week, that security investigators were finding substantially more instances of breached Microsoft Exchange servers than Microsoft’s original report of “limited and targeted” attacks may have let on.
Public companies “should be explaining to investors the specific risks they face from cybersecurity threats, not vague jargon.”
As companies scramble to assess their own vulnerability amid the wave of supply chain attacks in recent months, law firms find themselves doing double duty: providing complex legal support to clients, and assessing internal safeguards to ensure they themselves practice what they preach.
The incident is another example of why businesses must assess and manage third-party vendor risk.
In its blog post on critical Exchange Server patches Tuesday, Microsoft pointed to “limited and targeted” exploitation of the vulnerabilities in the wild. But new data suggests that the breaches may not be limited or targeted at all.
Continuing a discussion kicked off earlier this week in the Senate, House lawmakers confirmed that legislation is in the works, pushing for answers on the balance between liability protection and the duty to protect consumers.
The threat actors are “quite clever” in using Google Alerts as an attack vector to prompt users to “update” Adobe Flash Player.
Padraic O’Reilly, co-founder of cyber risk firm CyberSaint, shared insights with SC Media about the struggles faced by water plants, energy companies and other utilities to assess cyber risk and prevent cyberattacks.
The announcement came after Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., sent a letter to the U.S. intelligence services asking them to assign a leader for the response.
One in four SolarWinds Orion servers exposed to the internet at the time of an era-defining espionage campaign have been taken off the internet.
And would any water treatment facility judge the calculus differently – revert dollars from elsewhere perhaps – had they known such a cyber incident was coming? Even that is hard to say. We don’t know what would be sacrificed by that trade-off.
Organizations operate in networks that on average include 1,409 vendors. Combine that with limited resources, and supply chain security can seem an oxymoron.