LATEST POST
This well-known smart bulb can be hacked to steal your Wi-Fi password
Can a smart bulb be hacked to steal your wi-fi password? Researchers say one of the best-selling and most popular smart bulbs in the world has vulnerabilities that put your security at risk. Read more of this article by By Elizabeth George at Gearrice.
Sneaky Amazon Google ad leads to Microsoft support scam
A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up browsers. Read more of this article by Lawrence Abrams at Bleeping Computer
Haggling With Hackers: Surprising Lessons From 50 Negotiations With Ransomware Gangs
You’ve become the victim of a ransomware attack and received a ransom demand that is not something you can afford. Can you negotiate with the ransomware gang? Yes, you can, and it may save you money if you do your homework first on different gangs and negotiators. Read more of this article By Christopher Janaro […]
The Shifting Dynamics of Cyber Insurance
With the increased threat landscape and the increasing likelihood that clients will be attacked, cyberinsurers now require more extensive assessments and increased costs to renew policies. Erik Decker, vice president and CISO of Intermountain Healthcare, outlined five critical controls that cyber insurance providers look for when assessing an organization’s eligibility for coverage: endpoint detection and […]
India Passes Digital Personal Data Protection Act
Stephen Mathias from Kochhar & Co. reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. The Act was ratified by the President of India and will come into effect once notified […]
SEC Cybersecurity Rule Leans on Materiality and Reasonableness
The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.” Read more at Bloomberg Law.
Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit
Makers of vulnerable apps that are exploited in wide-scale supply chain attacks such as the MOVEit breach need to improve software security or face steep fines and settlement fees. Read more of this article at Darkreading.com.
Q2 2023 Threat Landscape Report: All Roads Lead to Supply Chain Infiltrations
The significant increase in supply-chain attacks has been discussed in a Q2 report by Kroll, who also noted a significant increase in email compromises. Read more of this article Kroll.com.