February 27, 2024 at 12:05PM The Hesse Consumer Advice Center in Germany was hit by a ransomware attack causing disruptions in its IT systems, impacting communication channels. Although the website is now fully operational, reaching the center remains difficult. The organization is working with IT security experts to restore communication channels, while concerns about potential … Read more
February 26, 2024 at 07:50AM The UK’s data protection watchdog issued an enforcement notice to halt Serco’s use of facial recognition and fingerprint scanning at leisure centers it operates, finding the company unlawfully processed biometric data of over 2,000 employees. The ICO instructed Serco to destroy non-legally required biometric data. The watchdog emphasized the risks … Read more
February 24, 2024 at 07:21AM Microsoft has expanded free logging capabilities to all U.S. federal agencies, using Microsoft Purview Audit, regardless of licensing. This comes after a China-linked cyber espionage campaign targeting organizations. The move includes automatically enabling logs in customer accounts and increasing log retention to 180 days, aiding federal agencies to meet logging … Read more
February 23, 2024 at 02:25PM Apple is enhancing iMessage with the quantum-computing resistant PQ3 protocol, providing Level 3 security with post-quantum cryptography. The revamped protocol, integrating post-quantum and classical algorithms, ensures resilience against key compromise and incorporates Kyber for key generation. The update, due in March, aims to address potential quantum computing threats. Signal disputes … Read more
February 23, 2024 at 12:29PM Corporate directors and security teams are under pressure to comply with the SEC’s new cybersecurity regulations. Woodruff Sawyer’s David Anderson warns that mishandling PII could lead to costly claims, potentially rivaling ransomware attacks. Privacy issues, including pixel-tracking claims and GDPR violations, are becoming a top concern for cyber insurance underwriters. … Read more
February 23, 2024 at 11:17AM The Malawi government has suspended passport issuance for two weeks due to a ransomware attack on the immigration service’s computer network. President Chakwera refuses to negotiate with the hackers and plans to find a temporary and long-term solution for the issue. The attack’s details and the responsible party remain undisclosed. … Read more
February 22, 2024 at 08:04PM Avast has agreed to pay $16.5 million after the FTC accused the antivirus vendor of selling customer data to third parties. The company must destroy web browsing data transferred to its subsidiary, Jumpshot, and obtain express consent for data licensing from users. Avast disputes the allegations but has settled with … Read more
February 22, 2024 at 11:55AM The FTC ordered Avast to pay $16.5 million and banned it from selling users’ web browsing data. The complaint alleges Avast harvested consumers’ data without consent and mislead them about privacy protection. Avast must obtain consent before selling browsing data and delete shared data. The company’s surveillance tactics compromised privacy … Read more
February 22, 2024 at 10:28AM Cyber extortion reached a new peak in early 2023. Businesses face rising cyberattacks, especially targeting sensitive data holders like banks and hospitals. Financially motivated cybercriminals exploit victims’ willingness to pay. Brands must respond transparently to incidents. It is critical for boards to elevate cybersecurity, audit sensitive information, update incident response … Read more
February 22, 2024 at 07:51AM The United States is offering significant rewards for information about cybercriminals involved in the disrupted LockBit ransomware operation. Law enforcement agencies have made seizures and implemented disruptions to the cybercrime operation, even mocking cybercriminals and taking down associated servers. Rewards, charges, sanctions, and crackdowns on individuals continue amidst skepticism about … Read more