DataBreaches
Rural hospital cybersecurity protection bill moves forward
Noah Schwartz reports: The Rural Hospital Cybersecurity Enhancement Act made it out of committee and will now head to the Senate floor. The bipartisan...
DataBreaches
Stung by Free Decryptor, Ransomware Group Embraces Extortion
Mathew J. Schwartz reports: Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away...
DataBreaches
Secrets and Lies: The Games Ransomware Attackers Play
Mathew J. Schwartz reports: If you’re a criminal, practicing good operational security would seem to preclude granting tell-all news media interviews...
DataBreaches
Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves
Mathew J. Schwartz reports: The ransomware landscape constantly changes, which can make it difficult to track which attackers are coming, going or simply...
DataBreaches
Co-Working for the Ransomware Age: How Hive Thrived
Mathew J. Schwartz reports on how Hive blossomed as a business enterprise by co-working, or incorporating smaller victims and teams from Conti. Read his report...
DataBreaches
French CNIL is setting the tone for 2023: patients data and medical research on its radar
Julie Schwartz and Patrice Navarro of HoganLovells write: CNIL has always been very attentive to the processing of health data and to their security and...
DataBreaches
Why Do Ransomware Victims Pay for Data Deletion Guarantees?
Mathew J. Schwartz reports: Many ransomware-wielding attackers are expert at preying on their victims’ compulsion to clean up the mess. Hence victims...
CyberNews
Donald Trump’s former lawyer used Google Bard in bid to end his probation
Michael Cohen, Donald Trump’s ex-lawyer, admitted in a court filing that he used generative AI to produce bogus case citations to help his counsel draft a motion.
The Record
California enacts first-of-its-kind bill targeting data brokers
California lawmakers enacted unprecedented legislation late Wednesday allowing state residents to compel data brokers to delete their personal information with the push of a button.
The Record
California legislature advances closely watched bill on data brokers
The Delete Act would make it far easier for individuals to block data brokers from collecting and selling their information without their consent.
CyberSecurity Dive
Rail transit vulnerable to cyberattacks, experts say
Transit networks are a target of criminal and state actors intent on disrupting operations.
DataBreaches
Another plastic surgery practice appears to have been hit — this time by Hunters International (5)
On October 17, the FBI issued a Public Service Announcement, Cybercriminals are Targeting Plastic Surgery Offices and Patients. Five days later, DataBreaches...
Bleeping Computer
U.S. DOJ will no longer prosecute ethical hackers under CFAA
The U.S. Department of Justice (DOJ) has announced a revision of its policy on how federal prosecutors should charge violations of the Computer Fraud and Abuse Act (CFAA), carving out "good-fath" security research from being prosecuted.
DataBreaches
Memorial for Vitali Kremez
As most people know by now, the cybersecurity community recently lost one of its brightest lights when Vitali Kremez died in a diving accident. Vitali and his...
Infosecurity News
Unlocking the Benefits and Trade-Offs of Agentless Cloud Security
Agentless cloud security solutions were among the most talked-about topics during the Cloud & Cyber Security Expo, set in London on March 8-9, 2023
The Record
FTC fires 'shot across the bow' at automakers over connected-car data privacy
In a blog post, the FTC gave special attention to the sale of geolocation data and what the agency called the “surreptitious disclosure of sensitive information" by automakers.
Infosecurity News
Industry Coalition Calls For Enhanced Network Resilience
Alliance wants to improve visibility and patching
CyberSecurity Dive
Industry stakeholders seek 30-day delay for CIRCIA comments deadline
Industry officials are asking for additional time to comb through hundreds of pages of detailed rules about disclosure of covered cyber incidents and ransom payments.
The Record
Vermont passes data privacy law allowing consumers to sue companies
The law includes data minimization requirements, which significantly constrain what personal data companies can gather and use and bans companies from selling consumers’ sensitive data, allowing individuals to sue if they believe businesses have done so.
CSO
Network Resilience Coalition launches to improve patch, vulnerability management
Coalition aims to enhance hardware and software security with founding members including cybersecurity vendors Cisco and Fortinet as well as BT Group and VMware
The Record
US Chamber of Commerce, industry groups call for 30-day delay in CIRCIA rules
The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S.
Ars Technica
Deepfakes in the courtroom: US judicial panel debates new AI evidence rules
Panel of eight judges confronts deep-faking AI tech that may undermine legal trials.
DarkReading
Security Leaders Discuss Industry Trends at Dark Reading's News Desk at RSAC 2023
Watch News Desk interviews with Dark Reading and cybersecurity leaders as they discuss trends and industry drivers druing RSA Conference 2023 in San Francisco.
Naked Security
Peter Eckersley, co-creator of Let’s Encrypt, dies at just 43
This site, like millions of others, has a certificate from Let’s Encrypt. Farewell, Peter Eckersley, PhD, who helped make it all possible.
DarkReading
CISO Corner: Gen Z Challenges, CISO Liability & Cathay Pacific Case Study
Dark Reading's roundup of strategic cyber-operations insights for chief information security officers.
DarkReading
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.
The Hacker News
Activities in the Cybercrime Underground Require a New Approach to Cybersecurity
Combating cybercrime requires a powerful approach. Discover how Attack Surface Management (ASM) and Cyber Threat Intelligence (CTI) can help.
The Record
The strongest data privacy bill this year focused on health. It's already a model for other states.
Washington state's health data privacy bill tapped into fear and anger after the Supreme Court's Dobbs decision — and in many ways accomplished what comprehensive privacy bills have not.
Ars Technica
ChatGPT is one year old. Here’s how it changed the tech world.
Examining 365 days with OpenAI's bot: The good, the bad, the ugly—and the productive?
DarkReading
CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.