SolarWinds and CISO accused of fraud, control failures
The Securities and Exchange Commission announced charges against SolarWinds and its CISO, Timothy G. Brown, for fraud and internal control failures relating to allegedly known …
White House issues Executive Order for safe, secure, and trustworthy AI
President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). New …
The evolution of deception tactics from traditional to cyber warfare
Admiral James A. Winnefeld, USN (Ret.), is the former vice chairman of the Joint Chiefs of Staff and is an advisor to Acalvio Technologies. In this Help Net Security …
Sic Permission Slip on data brokers that use your data
Permission Slip, an iPhone and Android app developed by Consumer Reports, helps users ask companies and data brokers to stop sharing their personal data and/or delete it. The …
Making privacy sustainable: Incorporating privacy into the ESG agenda
Data breaches have been rising in frequency and magnitude over the last two decades. In fact, the Identity Theft Resource Centre (ITRC) found that between 2005 and 2020, data …
Why California’s Delete Act matters for the whole country
The California State Legislature passed Senate Bill 362, known as the Delete Act, to simplify the process for consumers to ask to remove their personal data gathered by data …
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …
MITRE Caldera for OT now available as extension to open-source platform
MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that …
The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by …
Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 …
Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure …
Large-scale breaches overshadow decline in number of healthcare data incidents
While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a …