LATEST POST
Form I-9 Compliance updates its breach report once again; number affected keeps climbing
Employee eligibility verification solutions provider Form I-9 Compliance suffered a data breach on February 5, 2024. Its impact is way, waaaaay bigger than initially reported. Security Week reports: In late May, the company started informing customers that someone had gained unauthorized access to its network in early February. The intrusion was detected on April 12 […]
Amazon confirms employee data compromised amid 2023 MOVEit breach; dozens of other companies also affected
The MOVEit breach was one of the biggest breaches of 2023. Cl0p threat actors exploited vulnerabilities in the file transfer software and exfiltrated massive amounts of data from entities in all sectors. Now data from Amazon and almost three dozen other MOVEit victim entities is being leaked on BreachForums by a forum user calling themself […]
Halliburton reports cyberattack already cost it $35 million
The suspected ransomware attack Halliburton experienced in August had already cost it $35 million by the end of September, the oilfield service giant disclosed. Security Week reports: The incident came to light on August 22, when Halliburton, one of the world’s largest oilfield service providers, confirmed unauthorized access to some of its systems. The company immediately launched […]
Veterans Day 2024
Thank you to all those who have served our country. May today be a day where you feel appreciated for your sacrifices and for the rest of us to remember what you did and honor you.
NYDFS Issues Industry Guidance on Risks Arising from Artificial Intelligence
It seems like everything is “AI” these days, but there’s also an increasing awareness of the flaws or risks in using AI for some purposes, including AI making up things that just aren’t true (called “hallucinations”). But there are also cybersecurity risks. From Covington and Burling: On October 16, 2024, the New York Department of […]
HIPAA Gets a Potential Counterpart in HISAA
Legislation proposed in September would mandate minimum cybersecurity requirements in the healthcare sector. Kevin Wood, the Chair of Winstead’s Healthcare Industry Group, writes: …. Senators Ron Wyden (D-OR) and Mark Warner (R-VA) introduced the Health Infrastructure Security and Accountability Act (HISAA) on September 26, 2024. Like HIPAA and HITECH before it, which established minimum levels […]
Cyberwar: Credit cards readers across Israeli stores, gas stations crash in suspected DDoS attack
It is not the first time, but it appears Iran has again attempted to attack Israel via cyberattacks. The Jerusalem Post reports: Thousands of credit card readers across Israeli gas stations and supermarket chains malfunctioned on Sunday morning in what the company responsible for the readers’ cyber safety called a suspected DDoS attack. Hyp Credit Guard […]
They’re back? Scattered Spider, BlackCat claw their way back from criminal underground
When BlackCat pulled an exit scam in February after extorting Change Healthcare for $22 million, people started speculating how long it would be before they re-branded and re-emerged. We may have an answer now. The Register reports that both BlackCat (aka ALPHV) and Scattered Spider appear to be back: In October, security firm ReliaQuest responded […]