A draft of federal cyber incident reporting rules for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) has been posted in the Federal Register. It’s not exactly light reading, weighing in at a whopping 447-page Notice of Proposed Rulemaking. The rules will require critical infrastructure entities to notify the federal government of […]
On February 15, the U.S. Department of State offered a $10 million reward for “information leading to the identification or location of any individual(s) who hold a key leadership position in the Transnational Organized Crime group behind the ALPHV/Blackcat ransomware variant. In addition, a reward offer of up to $5,000,000 is offered for information leading to the […]
The Readable explains: A decade-long legal battle involving a data breach that affected the majority of the South Korean population concluded last week. The court confirmed a compensation award of $48 million to a credit card company. The Supreme Court of Korea has rejected the appeal of the defense and ordered the company to pay […]
Data Breach Today reports: A Midwest operator of nursing homes has filed for bankruptcy, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. See Also: Take Inventory of Your Medical Device Security Risks SC Healthcare Holdings LLC, which operates as […]
The Independent reports: China has been accused of a “malign” cyberattack on Britain after it allegedly accessed millions of voters’ personal details during a hack on the election watchdog. The UK is poised to sanction those believed to be involved in Chinese state-backed interference, after deputy prime minister Oliver Dowden sets out details about the alleged incident later on […]
Bleeping Computer reports: U.S. National Security Advisor Jake Sullivan and Environmental Protection Agency (EPA) Administrator Michael Regan warned governors today that hackers are “striking” critical infrastructure across the country’s water sector. In a joint letter sent on Tuesday, they asked for the governors’ support to ensure that water systems in their states are adequately defended against […]
Microsoft was one of two heavy hitters that reported being compromised recently. The Cybersecurity and Infrastructure Security Agency (CISA) also disclosed that it was recently compromised and had to take two systems offline due to vulnerabilities in IIvanti products. A CISA spokesperson confirmed to Recorded Future News that CISA “identified activity indicating the exploitation of […]
Even companies that invest a lot in security can get hit — and hit hard. In this week’s news, perhaps the biggest story involves Microsoft and Russia. The Associated Press reports: Microsoft said Friday it’s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November […]
The attack on United Healthcare’s Change Healthcare unit continues to cause major problems. Pharmacies are struggling to fill prescriptions, patients cannot get their medications, and payment processes for providers are impacted. The problems began February 21 after hackers, subsequently identified as the AlphV (BlackCat) group, gained access to UnitedHealth’s Change Healthcare unit. How they gained […]
A hacker just called your office. Do your front-line personnel know what to say or do?
Regardless of whether you work for a big corporation or a small- or medium-sized business, you need to have a plan as to how you will respond in the event of a data security incident. Many plans begin with what to do once you discover a breach, but do not neglect to ensure you have […]