Information Security Laws Investigations and Ethics
- December 05, 2019
The U.S. Justice Department indicts two alleged members of the Russian threat group behind the Dridex banking Trojan, known as Evil Corp, and offers a $5 million bounty.
- December 04, 2019
NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market.
- November 21, 2019
Ohio is building a 'Cyber Reserve,' a civilian cybersecurity force alongside the state's National Guard that will be deployed to help local governments recover from cyberattacks.
- November 14, 2019
InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program.
- October 30, 2019
Chris Hylen unexpectedly stepped down as CEO of Imperva in the wake of a data breach involving cloud WAF customer data, though it's unclear if the two events are connected.
- October 04, 2019
This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.
- October 03, 2019
Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details.
- October 01, 2019
German authorities arrested seven in raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.
- September 27, 2019
The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly.
- September 25, 2019
In a call with the Ukrainian president that is now the focus of an impeachment inquiry, President Trump discussed CrowdStrike and asked for help with finding a 'server.'
- September 10, 2019
One expert showed the crowd at DerbyCon that proper attribution of a cyberattack requires multiple indicators in order to avoid being fooled by a false flag attempt.
- August 29, 2019
The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations.
- August 02, 2019
History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.
- July 29, 2019
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.
- July 24, 2019
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.