H&M not alone: Companies often fall short in privacy protections for employees
Many businesses treat information about their own employees differently than that of customers, which could place them squarely in violation of privacy regulations.
About SC Media
Legal Action
Lessons from Uber: Be crystal clear on the law and your bug bounty policies
Aside from following the law, companies should also take care that their bug bounty payments are adhering to responsible corporate policies that define what constitutes a legit payment and what constitutes extortion.
‘We want to have more protection’: Arrested pen testers push for Good Samaritan law
Prosecutors dropped felony criminal charges against a pair of ethical pen testers arrested while assessing the security of an Iowa courthouse. But the the two men are not ready move on just yet. Coalfire employees Gary DeMercurio, managing senior, and Justin Wynn, senior security consultant, lobbied Wednesday at the virtual Black Hat conference for a…
Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group
Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement in a financially motivated cybercriminal hacking collective known as Fxmsp that the Department of Justice says cost victims tens of millions of dollars. Turchin — who also individually goes by the alias Fxmsp — and…
Alleged Collection 1 hacker nabbed; ransomware campaign targeting hospitals disrupted
The Ukrainian Secret Service on Tuesday announced the arrest of a man who they say is the hacker who amassed hundreds of millions of stolen credentials and then used an internet message board to announce their availability as a data set known as Collection 1. And in another significant win for law enforcement officials, Romania…
DEER.IO caught in FBI’s headlights; cybercrime platform gets shut down
The FBI on Tuesday seized the website for DEER.IO, a Russian online platform used to conduct millions of dollars worth of cybercriminal transactions. The crackdown followed the March 7 arrest of alleged hacker/DEER.IO administrator Kirill Victorovich, who was taken into custody while in New York City. Active since October 2013, DEER.IO allows users to purchase…
Necurs botnet operation dismantled; millions of malicious domains disabled
A coalition of security-minded organizations led by Microsoft struck a major blow against the mighty Necurs botnet — one of the largest in world — dismantling its infrastructure in a global takedown. Empowered by a court order, Microsoft not only took control of the Necurs operators’ web domains, but it blocked an additional 6 million…
Jury spares accused Vault 7 leaker from espionage conviction
A Manhattan federal jury yesterday failed to reach a verdict on any major charges leveled against Joshua Schulte, a former CIA software engineer from Lubbock, Texas, who was accused of stealing the agency’s hacking tools and delivering them to WikiLeaks for publication. Schulte, 31, was convicted on contempt of court and making false statements, but…
U.S. indicts four Chinese military members over Equifax breach
The U.S. Department of Justice has charged four members of the Chinese People’s Liberation Army with nine criminal counts, accusing them of orchestrating and carrying out the 2017 hack of credit reporting agency Equifax. An indictment returned by a federal grand jury in Atlanta and unveiled today by the DOJ alleges that Beijing residents Wu…
Hacker pleads guilty to stealing Nintendo secrets
A California hacker pleaded guilty last Friday in federal court to one count of computer fraud and abuse, for stealing and leaking sensitive information related to the Nintendo Switch gaming console and various Nintendo game titles. Ryan Hernandez, 21, of Palmdale, Calif., also pleaded guilty to one charge of possess of children pornography. A Department…
Next post in Cybercrime
