Krebs on Security

MAY 23, 2024

A report from the security firm Team Cymru found the DDoS attack infrastructure used in NoName campaigns is assigned to two interlinked hosting providers: MIRhosting and Stark Industries. DON CHICHO & DFYZ The data breach tracking service Constella Intelligence reports that an Ivan V. The NoName DDoS group advertising on Telegram.

Cloud 272

Cloud Education Government Phishing 272

Hunton Privacy

AUGUST 2, 2021

The newly passed laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program that complies with applicable state or federal law or industry-recognized security frameworks. New Breach Notification Requirements (HB 5310).

Cybersecurity 87

Cybersecurity Insurance Military Data Privacy 87

Hunton Privacy

APRIL 11, 2017

The Cybersecurity Law of China , which was passed in November of 2016, introduced a data localization requirement requiring “operators of key information infrastructure” to retain, within China, critical data and personal information which they collect or generate in the course of operating their business in China.

Security 53

Security Cybersecurity Military Risk 53

Data Matters

DECEMBER 9, 2021

Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). national security. First, the Proposed Rule would add “connected software applications” to the definition of ICTS.

Communications 88

Communications Manufacturing Risk Data collection 88

Thales Cloud Protection & Licensing

APRIL 24, 2019

Ensuring that systems behave only how a designer intends is a central aspect of security. A security-enforcing system will take the context of available information measured against policy to determine whether an operation should be permitted or denied. MBSE and security engineering. Model-Based Systems Engineering.

Security 61

Security Military Communications Risk 61

Data Protection Report

JUNE 27, 2019

Illinois, Maine, Maryland, Massachusetts, New Jersey, New York, Oregon, Texas, and Washington have all amended their breach notification laws to either expand their definitions of personal information, or to include new reporting requirements. Maryland ( HB 1154 ) – Maryland imposes new requirements on entities following a security breach.

Data breaches 40

Data breaches Passwords Privacy Military 40

Data Protection Report

FEBRUARY 21, 2018

As Data Protection Report posted on January 29, 2018 , lawmakers in Colorado are considering legislation that, if enacted, would significantly strengthen Colorado’s data privacy protections. On Wednesday, February 14, 2018, an amended bill passed unanimously in Colorado’s House Committee on State, Veterans and Military Affairs.

Data Privacy 40

Data Privacy Privacy Military Insurance 40

Data Protection Report

DECEMBER 12, 2023

Talks had previously stalled over how to regulate AI trained on large amounts of data and able to perform a wide range of functions, referred to as ‘foundation models’ or ‘general purpose AI’. Definitions and scope The final text will define AI with reference to the OECD definition.

Artificial Intelligence 59

Artificial Intelligence Risk Marketing Military 59

ForAllSecure

JULY 21, 2020

In the inaugural episode, The Hacker Mind looks at why the West Point Military Academy, and other organizations within the DoD, is training its young cadets to hack. Or maybe, just maybe back in 2014, West Point and other military service academies, are on to something really important. The military has these massive computer networks.

Military 52

Military Passwords Cybersecurity IT 52

ForAllSecure

JULY 21, 2020

In the inaugural episode, The Hacker Mind looks at why the West Point Military Academy, and other organizations within the DoD, is training its young cadets to hack. Or maybe, just maybe back in 2014, West Point and other military service academies, are on to something really important. The military has these massive computer networks.

Military 52

Military Passwords Cybersecurity IT 52

Schneier on Security

JUNE 6, 2023

I didn’t know either of them, but I have been writing about cryptography, security, and privacy for decades. It definitely had an effect on me. I tried to talk to Greenwald about his own operational security. I started doubting my own security procedures. Definitely. It made sense. It wasn’t there.

Computer and Electronics 125

Computer and Electronics Encryption Government Privacy 125

ForAllSecure

JULY 21, 2020

In the inaugural episode, The Hacker Mind looks at why the West Point Military Academy, and other organizations within the DoD, is training its young cadets to hack. Or maybe, just maybe back in 2014, West Point and other military service academies, are on to something really important. The military has these massive computer networks.

Military 52

Military Passwords Cybersecurity IT 52

Lenny Zeltser

JUNE 2, 2018

If you’re in the business of safeguarding data and the systems that process it, what do you call your profession? Information security? Computer security, perhaps? Until recently, I’ve had no doubts about describing my calling as an information security professional. Are you in cybersecurity?

Computer and Electronics 64

Computer and Electronics Information Security Cybersecurity Communications 64

Hunton Privacy

JULY 10, 2012

Training about personal data protection by world and European experts. The Commissioner organized this US expert’s visit in cooperation and with the assistance of the USAID with the aim of providing much needed, continuous and quality education of our staff about many ongoing data protection issues. Monday, July 09, 2012 09:18.

Education 40

Education Personal data Military Government 40

Data Protection Report

MARCH 7, 2024

China Cuba Iran North Korea Russia Venezuela What is “personally identifiable data” that is “in combination with each other”? The proposed regulation would define the term to mean any “listed identifier” that is linked to any other “listed identifier.” Note that the only difference between the two examples is the addition of IP addresses.

Access 59

Access Military Compliance Personal data 59

DLA Piper Privacy Matters

SEPTEMBER 17, 2018

30 of 2018 on the Personal Data Protection Law (PDPL). It will provide individuals with rights in relation to how their personal data can be collected, processed and stored. The PDPL also imposes new obligations upon businesses to ensure that the personal data they collect is kept secure.

Personal data 49

Personal data GDPR Compliance Risk 49

Data Protection Report

OCTOBER 18, 2022

In particular, the CJEU found that: US surveillance laws [2] do not limit access to data for surveillance purposes to what is “necessary and proportionate”; and. EU data subjects are not granted actionable redress in the courts against US authorities, meaning that EU data subjects therefore have no rights to effective remedy.

Personal data 52

Personal data Privacy Risk Government 52

Hunton Privacy

JUNE 17, 2011

We should take steps to embrace and protect it – and that starts with robust cyber security.” The SAFE Data Act grants the FTC the authority to modify the definition of personal information to the extent necessary to effectuate the Act’s purposes. In brief, the bill features two key elements: Data Security Requirements.

e-Discovery 40

e-Discovery Military Information Security Manufacturing 40

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 36 million records. Data breached: 6,935,412 individuals’ data. Data breached: 6.9 Only 3 definitely haven’t had data breached.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 270

Government Cybersecurity Sales Blockchain 270

IT Governance

APRIL 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight US Environmental Protection Agency allegedly breached: nearly 8.5 Data breached: 8,460,182 accounts.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

APRIL 22, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. Data breached: 5,300,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Matters

SEPTEMBER 9, 2021

Dual-use items are sensitive goods, services, software, and technology that can be used for both civil and military purposes. It merely defines them as “items specially designed to enable the covert surveillance of individuals by monitoring, extracting, collecting or analyzing data from information and telecommunication systems.”

Military 88

Military Compliance Manufacturing Sales 88

ForAllSecure

MAY 17, 2023

A lot of SMBs do not have security operations centers or SOCs. They have IT contractors who can provision laptops and maintain a certain level of compliance and security. They can provide that additional security, remotely. They have those security capabilities. In a way and then you consume the outcomes.

Insurance 40

Insurance Privacy Ransomware GDPR 40

ForAllSecure

MARCH 14, 2022

In fact, I remember starting a new job by flying to Auburn Hills, Michigan for the very first meeting of the Featherstone Group, a collection of automotive OEM executive and security professionals. Steve Grobman, CTO with Intel’s security group had this to say: CNBC: Yeah, so I think that nothing is ever impossible.

Computer and Electronics 52

Computer and Electronics Government Communications Cybersecurity 52

CGI

SEPTEMBER 8, 2015

In the past information was held locally in silos , but cloud computing and advanced analytics now mean that the silos are broken down and all data is available to generate insights. Over the next 25 years this evolved into SCADA (supervisory control and data acquisition). M2M – back to the beginning.

IoT 40

IoT Analytics Cloud Military 40

Schneier on Security

FEBRUARY 28, 2024

One possible solution, touted by former Department of Homeland Security Secretary Michael Chertoff on a recent podcast , would be for the federal government to step in and help pay for these sorts of attacks by providing a cyber insurance backstop.

Insurance 94

Insurance Government Cybersecurity Risk 94

Collibra

NOVEMBER 2, 2020

The California Consumer Privacy Act (CCPA) came into effect four years after the General Data Protection Regulation (GDPR) was adopted. Despite coming at the heels of the GDPR, the recent California privacy law promptly established and defined its own concepts around consumer-related data. . Geolocation data.

Privacy 59

Privacy Education Insurance GDPR 59

The Last Watchdog

FEBRUARY 17, 2020

One of the most single-minded of these security vendors is startup CyCognito. The company was launched in Tel Aviv in 2017 by a couple of former Israeli military cyber ops attack specialists, Rob Gurzeev and Dima Potekhin. billion Internet-exposed IT assets, resulting in rich data sets that are fed into the company’s analytics.

Digital transformation 179

Digital transformation Analytics Cloud Risk 179

ForAllSecure

APRIL 12, 2022

I guess the answer is what I usually say to a security question: It depends. Clearing you don’t want someone off the street coming in as a Level 2 security analyst. Then again, you might want someone --anyone -- to come in as a Level 1 security analyst so your current Level 1s can advance. Sometimes it was only 20.

Cybersecurity 52

Cybersecurity Military IT Security 52

ForAllSecure

JANUARY 19, 2022

Is there something more secure? Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today, and why even multi-factor access, while an improvement, needs to yield to more effortless and more secure passwordless technology that’s coming soon.

Passwords 52

Passwords Authentication Access Data breaches 52

ForAllSecure

JULY 14, 2021

It was also designed under President Eisenhower to move military troops and vehicles from point A to point B, but that's another story. Jack is probably best known as one of the three co-founders of the popular BSides security conferences. Okay, besides that bringing Security Education approachable. Besides, I was born.

Mining 52

Mining IT Security Education 52

Hunton Privacy

APRIL 3, 2020

s data breach notification law (the “Bill”). Among other requirements, the Bill requires the provision of identity theft prevention services in certain data breaches, establishes a new regulatory reporting requirement in the event of a cognizable data breach affecting 50 or more residents of D.C., Harm Threshold.

Data breaches 84

Data breaches Security Insurance Passwords 84

ForAllSecure

OCTOBER 29, 2020

While digital voting systems are more secure today, what about the larger ecosystem, starting from the moment you register until your vote is counted? Who’s keeping those systems secure? Clearly having individual vendors provide the security wasn’t working, so the state moved toward adopting open source software.

Blockchain 52

Blockchain Paper Security IT 52

ForAllSecure

OCTOBER 29, 2020

While digital voting systems are more secure today, what about the larger ecosystem, starting from the moment you register until your vote is counted? Who’s keeping those systems secure? Clearly having individual vendors provide the security wasn’t working, so the state moved toward adopting open source software.

Blockchain 52

Blockchain Paper Security IT 52

ForAllSecure

OCTOBER 20, 2020

While digital voting systems are more secure today, what about the larger ecosystem, starting from the moment you register until your vote is counted? Who’s keeping those systems secure? Clearly having individual vendors provide the security wasn’t working, so the state moved toward adopting open source software.

Blockchain 40

Blockchain Paper Security IT 40