Nebraska Man pleads guilty to $3.5 million cryptojacking scheme

December 5, 2024 at 10:42PM A Nebraska man pleaded guilty to running a significant cryptojacking operation, which involves illicitly using computer resources for cryptocurrency mining. His arrest and charges occurred in April, culminating in this recent plea. **Meeting Takeaways:** 1. A Nebraska man has pleaded guilty. 2. The case involves a large-scale cryptojacking operation. 3. … Read more

Six password takeaways from the updated NIST cybersecurity framework

December 4, 2024 at 10:34AM NIST’s updated password guidelines emphasize length over complexity for stronger security. Key recommendations include supporting long passphrases, implementing multi-factor authentication (MFA), avoiding mandatory password changes unless necessary, blocking known compromised passwords, and eliminating outdated recovery methods. These measures help organizations enhance password policies and reduce vulnerabilities. ### Key Takeaways from … Read more

Kids’ shoemaker Start-Rite trips over security again, spilling customer card info

November 14, 2024 at 07:09AM Children’s shoemaker Start-Rite is facing a serious security incident involving customer payment card details, marking its second major breach in eight years. The incident, occurring between October 14 and November 7, may have compromised sensitive information. Customers are advised to contact their banks and monitor transactions for fraud. ### Takeaways … Read more

NIST Explains Why It Failed to Clear CVE Backlog

November 14, 2024 at 06:10AM NIST reported that all known exploited CVEs in the backlog have been addressed, but acknowledged that completely clearing the backlog by October was overly optimistic. **Meeting Takeaways:** 1. **Status of CVE Backlog**: NIST has addressed all known exploited CVEs but acknowledges that clearing the entire backlog by October was an … Read more

5 steps to automate user access reviews and simplify IT compliance

July 17, 2024 at 10:41AM The evolving modern work landscape, driven by distributed teams and rapid SaaS adoption, presents significant challenges in maintaining IT compliance certifications. Navigating SaaS sprawl and completing user access reviews for compliance becomes complex and labor-intensive. Nudge Security offers an automated solution, from asset discovery to generating audit-ready reports, simplifying IT … Read more

Sprawling Sellafield Nuclear Waste Site Prosecuted for Cybersecurity Failings

April 1, 2024 at 04:31PM The UK regulator reported that one of the world’s most toxic sites faced cybersecurity “offenses” from 2019 to 2023. Based on the meeting notes, it seems that the UK regulator mentioned that a particularly hazardous site had experienced cybersecurity “offenses” from 2019 to 2023. This suggests a serious breach of … Read more

Getting Security Remediation on the Boardroom Agenda

March 27, 2024 at 09:25AM IT teams can improve their resilience to scrutiny by educating their board on risks, their mitigation, and their long-term strategy for risk management. Based on the meeting notes, the key takeaways are that the IT teams need to improve their ability to handle scrutiny by guiding the board in understanding … Read more

6 CISO Takeaways From the NSA’s Zero-Trust Guidance

March 15, 2024 at 12:33PM All companies, not just federal agencies, should strive to implement the “network and environment” aspect of the National Security Agency’s zero-trust guidelines. Based on the meeting notes, the key takeaway is that it is recommended for all companies, not just federal agencies, to strive to implement the “network and environment” … Read more

Blackbaud settles with FTC after that IT breach exposed millions of people’s info

February 2, 2024 at 04:20PM Blackbaud, facing criticism from the FTC for a data breach that exposed millions of people’s information, has agreed to strengthen its IT defenses. The settlement includes deleting unnecessary customer data, updating its data retention policy, and implementing enhanced security measures. The SEC and attorneys general have also secured settlements over … Read more