720-891-1663

Security News for the Week Ending September 8, 2023

Want a .US Domain? Just Lie About It. The .US top level domains are a hotbed for phishing attacks. Apparently, this is due to lax oversight. In theory, the .US is managed by the US government, but the government outsources that to GoDaddy – who doesn’t have a stellar cybersecurity reputation to be polite. See […]

Continue reading → [DISPLAY_ACURAX_ICONS]

California Releases Draft Audit and Risk Assessment Regs

The California Privacy Protection Agency, the government agency that enforces the California Privacy Rights Act, has released two DRAFT documents recently. They are going to discuss the drafts at their meeting tomorrow but they have not yet started the rulemaking process. The two regulations are the cybersecurity audit regulations and the cyber risk assessment regulations. […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit

In light of one of the largest breaches in recent history – the MOVEit supply chain attack – it is possible new case law may be developed. The typical lawsuits that come out of breaches are damage claims from victims who say that the breach of their data caused them pain and suffering. Except that […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News for the Week Ending August 25, 2023

US Warns Other Countries Hack Satellites Like We Do Last week I wrote about US Space Force bragging that they set up a new team to hack adversaries satellites and ground infrastructure. This week the Air Force and NCSC published an advisory that, guess what, other countries are doing the same thing and if the […]

Continue reading → [DISPLAY_ACURAX_ICONS]