Marriott Faces Federal Action Over Major Data Breaches Affecting Millions The U.S. Federal Trade Commission (FTC) announced on Wednesday that Marriott International and its subsidiary, Starwood Hotels & Resorts Worldwide, will be mandated to implement an information security program as part of a settlement related to several significant data breaches…
Chinese State-Sponsored Hacking of U.S. Treasury Workstations: A Major Incident The U.S. Treasury Department recently reported a significant security breach, revealing that Chinese hackers gained access to its workstations via a third-party cloud service. This alarming incident, which the department categorized as a "major incident" in a letter to Congress,…
The United States government has unveiled a set of proposed cybersecurity regulations aimed at mitigating the ramifications of health data breaches. These new rules are designed to bolster the safeguarding of sensitive health information amid a significant uptick in high-profile data compromises affecting millions of Americans. Anne Neuberger, the Deputy…
The recent developments in passkey technology highlight significant challenges faced by users, particularly regarding cross-platform functionality and ease of access. A new feature announced allows users to create passkeys directly on security keys, a move that aims to enhance user convenience. However, many industry experts argue that the implementation across…
On Saturday, a wave of complex cyberattacks targeted nine websites belonging to the Italian government, leading to significant disruptions across critical digital services. Among the compromised sites were the Ministry of Foreign Affairs and the official platforms for Milan’s principal airports, Linate and Malpensa. Despite the severity of the attack,…
Governance & Risk Management, Operational Technology (OT) Attackers Exploiting OS Command Injection Vulnerability Prajeet Nair (@prajeetspeaks) • December 30, 2024 An industrial router crafted by Four-Faith (Image: Four-Faith) A high-severity command injection vulnerability is currently being exploited by malicious actors targeting Four-Faith industrial routers, which are manufactured in China. This…
New Cybersecurity Regulations Projected to Cost Healthcare Sector $9 Billion in First Year In response to escalating data breach threats, the Biden administration is proposing a series of stringent cybersecurity regulations aimed at healthcare organizations across the United States. These new rules, prompted by the alarming rise in cyberattacks, particularly…
In the landscape of cybersecurity, 2024 has emerged as a year marked by heightened risks and evolving threats as malefactors, ranging from powerful oligarchs to state-sponsored hackers, intensify their disruptive operations. The tug-of-war between regulatory oversight and anarchic exploitation on the internet continues to shape the digital realm, with 2024…
Volkswagen Group Faces Major Data Breach Exposing Sensitive Information of Electric Vehicle Owners A serious data breach has come to light, revealing that sensitive data related to approximately 800,000 electric vehicles (EVs) belonging to the Volkswagen Group was stored on an unsecured cloud server for an extended period. This incident,…
