The most famous supply chain attack of the last few years was the SolarWinds attack. That attack was a home run for the Russians. Other hackers (or maybe the same ones) thought that was a great attack vector. Now it seems to have become quite popular. Then came DevOps tool provider Codecov. Hackers compromised Codecov, […]
Continue reading → [DISPLAY_ACURAX_ICONS]If you were using your phone and visited a web site when a message popped up that said something like “we want to sell your data to anyone we want and you get nothing for that – do we have your permission to do that?” – what would your answer be? Well, if you are […]
Continue reading → [DISPLAY_ACURAX_ICONS]USTRANSCOM Starts CMMC Lite Now The DoD’s transportation command, the folks who are in charge of getting all the stuff that the military needs from where it is to where it needs to be, has announced that they are implementing a light version of CMMC NOW instead of waiting for the five years that it […]
Continue reading → [DISPLAY_ACURAX_ICONS]As California and Virginia start rolling out their new privacy laws and Washington and Florida look like they will be next, what is the impact on businesses? Most companies are likely going to implement a strategy of this state is the most aggressive. Lets follow this one and we should be good for all the […]
Continue reading → [DISPLAY_ACURAX_ICONS]I don’t think it is just me. The number of alerts I have been getting over the last few weeks regarding vulnerabilities in very mainstream industrial control system components seems to be out of control. Here are just a few: April 20th – CISA releases 10 Industrial control system (ICS) advisories. This includes Hitachi/ABB, Rockwell, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last month New York’s Department of Financial Services (DFS) fined Residential Mortgage Services $1.5 million for not having a compliant cybersecurity program and, even worse, not telling the regulator that they had a breach. DFS said that RMS did not investigate the breach seriously, did not conduct a comprehensive risk assessment and did not notify […]
Continue reading → [DISPLAY_ACURAX_ICONS]