Last month New York’s Department of Financial Services (DFS) fined Residential Mortgage Services $1.5 million for not having a compliant cybersecurity program and, even worse, not telling the regulator that they had a breach. DFS said that RMS did not investigate the breach seriously, did not conduct a comprehensive risk assessment and did not notify […]
Continue reading → [DISPLAY_ACURAX_ICONS]Not a Good Week for Social Media Privacy After the January 6th attack on the US Capitol, we saw terabytes of conversations and videos and profiles from the alt-right Twitter clone Parler posted online. Last week we saw 500+ million Facebook profiles for sale on the dark web (Facebook says this isn’t a breach) and […]
Continue reading → [DISPLAY_ACURAX_ICONS]Well that is certainly not a comforting thought. Last month the public water supply in a small town in Florida was hacked. Only PURE DUMB LUCK protected those citizens. Did the hacker use exotic unknown vulnerabilities to compromise the system? No. The city didn’t even have a firewall, was using software that was no longer […]
Continue reading → [DISPLAY_ACURAX_ICONS]NSA Director General Paul Nakasone testified before the Senate Armed Services Committee about the recent SolarWinds and Microsoft Exchange hacks. He said that foreign hackers are taking advantage of the Intelligence community’s blind spot – adversaries working INSIDE the United States. Our adversaries can come into the United States, set up shop on the web, […]
Continue reading → [DISPLAY_ACURAX_ICONS]CCPA went into effect just over a year ago. Now we have some history on it. DataGrail is a vendor that helps companies like OVERSTOCK and OKTA respond to those CCPA requests. They have fulfilled millions of “data subject requests” for their clients. Here is what they found. 46% of the requests were to tell […]
Continue reading → [DISPLAY_ACURAX_ICONS]Okay, let me just say this at the beginning. This post is opinion. There is certainly factual information (or the closest to fact that we have), but in the end, this is just my opinion. Currently, most cyber breaches are not reported. Even when breaches are reported, they are often missing key information, hard to […]
Continue reading → [DISPLAY_ACURAX_ICONS]