CyberSecurity Blog

FTC Expands Financial Data Breach Reporting Requirements

ICYMI: Non-Banking Institutions Will Be Required to Report Breaches Under Revised Rule. Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.http://dlvr.it/Sy4nkJ

The UK’s problematic Online Safety Act is now law

The government says it will protect kids online; critics say it’s a threat to privacy. The post The UK’s problematic Online Safety Act is now law appeared first on DanTechServices, Inc.http://dlvr.it/Sy4Q8C

Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023

Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023 Pierluigi Paganini October 28, 2023 The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,250 for 58 unique 0-days. The Team Viettel (@vcslab) won the…
Read more

ISMG Editors: Business, Cyber Resilience in Israel-Hamas War

Also: Cisco IOS XE Vulnerabilities in the Wild, Indonesia’s Data Protection Picture In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.http://dlvr.it/Sy3C5q

FTC Expands Financial Data Breach Reporting Requirements

Non-Banking Institutions Will Be Required to Report Breaches Under Revised Rule. Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.http://dlvr.it/Sy2skd

F5 urges to address a critical flaw in BIG-IP

F5 urges to address a critical flaw in BIG-IP Pierluigi Paganini October 27, 2023 F5 warns customers of a critical vulnerability impacting BIG-IP that could lead to unauthenticated remote code execution. F5 is warning customers about a critical security vulnerability, tracked as CVE-2023-46747 (CVSS 9.8), that impacts BIG-IP and could result in unauthenticated remote code…
Read more

Google-hosted malvertising leads to fake Keepass site that looks genuine

ICYMI: Google-verified advertiser + legit-looking URL + valid TLS cert = convincing look-alike. The post Google-hosted malvertising leads to fake Keepass site that looks genuine appeared first on DanTechServices, Inc.http://dlvr.it/Sy1ntC

Breach Roundup: Winter Vivern Hunting For Emails

Also, Cloudflare Records Surge in HTTP DDoS AttacksThis week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline. The post Breach Roundup: Winter Vivern…
Read more

Rising Global Tensions Could Portend Destructive Hacks

ICYMI: CISA’s Goldstein Says Critical Infrastructure Should ‘Remain on Heightened Alert’ U.S. government agencies and private sector organizations should “remain on heightened alert” for disruptive cyberattacks targeting critical infrastructure amid a series of escalating global conflicts, a top official for the U.S. Cybersecurity and Infrastructure Security Agency said on Wednesday.http://dlvr.it/Sy0flF