Information Security

Information Security

Financial institutions ordered to notify customers after a breach, have an incident response plan | Malwarebytes

May 21, 2024

The amendments will become effective 60 days after publication in the Federal Register. Larger entities will have 18 months after...

Information Security

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

April 19, 2024

It's important to keep in mind that recovering from an attack is not the same as disaster recovery or business...

Information Security

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication – SiliconANGLE

March 27, 2024

The phishing kit is also evolving, with updates to Tycoon 2FA in February said to have enhanced its capabilities by...

Information Security

How the New NIST 2.0 Guidelines Help Detect SaaS Threats

March 21, 2024

Throughout CSF 2.0, NIST recommendations dovetail with SaaS security needs. Govern, the new function, addresses issues relating to the democratization...

Information Security

4 tabletop exercises every security team should run | CSO Online

March 6, 2024

In a tabletop exercise, a team discusses their roles and responses during an emergency under different scenarios, typically with someone...

Information Security

eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation

February 28, 2024

"The uncovered operation involves the manipulation of thousands of hijacked sub-domains belonging to or affiliated with big brands," head of...

Information Security

Cloudflare hacked using auth tokens stolen in Okta attack

February 1, 2024

While addressing the incident, Cloudflare's staff rotated all production credentials (over 5,000 unique ones), physically segmented test and staging systems,...

Information Security

The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules

February 1, 2024

The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the cloud,...

Information Security

Ransomware payments drop to record low as victims refuse to pay

January 30, 2024

According to Coveware, the reason for this continual drop is multifaceted, including better preparedness by organizations, a lack of trust...

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop – SecurityWeek

November 3, 2023

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account...

Financial institutions ordered to notify customers after a breach, have an incident response plan | Malwarebytes

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication – SiliconANGLE

How the New NIST 2.0 Guidelines Help Detect SaaS Threats

4 tabletop exercises every security team should run | CSO Online

eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation

Cloudflare hacked using auth tokens stolen in Okta attack

The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules

Ransomware payments drop to record low as victims refuse to pay

Continuity Management

What lies beneath: the growing threat to the hidden network of cables that power the internet | Internet | The Guardian

“Unprecedented” Google Cloud event wipes out customer account and its backups | Ars Technica

It’s been a bad week for public cybersecurity | TechRadar

Cellphone outage hits AT&T customers nationwide; Verizon and T-Mobile users also affected | Fox Business

Technology Management

WordPress.org statement threatens possible shutdown for all of 2025 – Computerworld

Half a million patients’ personal info stolen in massive health care data breach | Fox News

Security outsourcing on the rise as CISOs seek cyber relief | CSO Online

The 10 biggest issues CISOs and cyber teams face today | CSO Online

Crisis Management

More Than 390,000 Without Power In Louisiana Thursday | Weather.com

DICK’S shuts down email, locks employee accounts after cyberattack

Expert confirms Columbus Ohio data leak affects residents

Channel File 291 Incident RCA is Available | CrowdStrike

Emergency Management

How to Align Your Incident Response Practices With the New SEC Disclosure Rules – SecurityWeek

Why the toxins from the Ohio train derailment could have posed deadly threats for residents nearby – ABC News

Train derails, goes up in flames in Ohio, causes half of town to evacuate – ABC News

Shrinking Mississippi River Puts American Farm Trade at Risks

Risk Management

Open Banking: CFPB’s 1033 Rule and the Cost of Compliance

Company Behind Major Social Security Number Leak Files for Bankruptcy | PCMag

AT&T fined $13M for data breach after giving customer bill info to vendor | Ars Technica

TD Bank ordered to pay $28 mln by US CFPB for misreporting consumer credit data | Reuters

Compliance

6 regulatory moves, people whose days are numbered under Trump | Banking Dive

BPI: FDIC Bank Merger Rules Will Have ‘Chilling Effect’

FinTechs Entering US Will Need Sponsor Banks, Says Thredd CEO

BaaS Faces Regulatory Reckoning With OCC and FDIC Actions