Policy & Regulation: Page 8
-
Ethan Miller via Getty Images
MGM Resorts’ cyberattack headache continues as regulators launch investigations
The company said it could face fines in connection with regulatory inquiries stemming from the social engineering attack.
By David Jones • Feb. 26, 2024 -
Alex Wong via Getty Images
HHS reaches second-ever ransomware settlement
A mental healthcare provider didn’t have sufficient protections in place before a ransomware attack exposed the protected health information of more than 14,000 people, according to the HHS’ Office for Civil Rights.
By Emily Olsen • Feb. 22, 2024 -
halbergman via Getty Images
Biden administration issues executive order on port cybersecurity
The order will transfer crane manufacturing back to the U.S., amid concerns about potential cyber risk to port facilities, maritime transportation and threats from China.
By David Jones • Feb. 21, 2024 -
Anna Moneymaker via Getty Images
LockBit operations dismantled following international takedown
An international group of law enforcement partners seized the infrastructure of the prolific ransomware group, obtaining decryption keys along the way.
By David Jones • Feb. 20, 2024 -
Barks_japan via Getty Images
FBI-led operation disrupts botnet controlled by state-linked Forest Blizzard
Russia’s GRU-backed group exploited hundreds of vulnerable routers to conduct spear phishing and credential harvesting attacks against U.S. targets.
By David Jones • Feb. 16, 2024 -
bin kontan / Getty Images via Getty Images
State Department puts $10M bounty on AlphV ransomware group
The prolific ransomware group and its affiliates are behind some of the most high-profile attacks in the last year.
By Matt Kapko • Feb. 15, 2024 -
Greg Doherty via Getty Images
CISA blitzes Super Bowl with cyber campaign as businesses fumble security
CISA brought its Secure Our World initiative to Las Vegas, for the biggest annual event in sports. Will anyone heed the advice?
By Matt Kapko • Feb. 9, 2024 -
Permission granted by Information Technology Industry Council
National cyber director urges private sector collaboration to counter nation-state cyber threat
Harry Coker said the Biden administration is exploring plans to hold manufacturers accountable for poor security, while also working to harmonize regulations.
By David Jones • Feb. 9, 2024 -
Alex Wong via Getty Images
HHS settles cybersecurity investigation with Montefiore Medical Center
The nonprofit will pay $4.75 million to settle allegations that data security failures allowed an employee to steal and sell the protected health information of thousands of patients.
By Emily Olsen • Feb. 8, 2024 -
Kevin Dietsch via Getty Images
CISA, FBI confirm critical infrastructure intrusions by China-linked hackers
Federal agencies urged critical infrastructure providers and tech manufacturers to take immediate action to protect against malicious threat activity from Volt Typhoon.
By David Jones • Feb. 7, 2024 -
Zephyr18 via Getty Images
Mortgage industry attack spree punctuates common errors
Attacks against Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot impacted operations and put customers in a bind.
By Matt Kapko • Feb. 6, 2024 -
Kevin Dietsch/Getty Images via Getty Images
Business, technology groups back SolarWinds motion to dismiss SEC charges
Former U.S. cybersecurity officials and a group of current and former CISOs warned the fraud suit against SolarWinds could chill intel sharing from the private sector.
By David Jones • Feb. 5, 2024 -
NicoElNino via Getty Images
Blackbaud settles FTC data security probe into 2020 ransomware attack
The company is required to delete unnecessary data and inform the agency of future breaches.
By David Jones • Feb. 2, 2024 -
onurdongel via Getty Images
China-linked hackers primed to attack US critical infrastructure, FBI director says
Christopher Wray and other top cybersecurity officials warned state-linked hackers are prepositioning for catastrophic attacks to distract from a potential military action.
By David Jones • Feb. 1, 2024 -
PorqueNoStudios/iStock via Getty Images
White House rejects efforts to undo SEC cyber disclosure rule
President Joe Biden would veto the joint resolution that aims to strip the agency’s authority to require companies to disclose cyber incidents and governance processes, the administration said Wednesday.
By Matt Kapko • Jan. 31, 2024 -
Naomi Eide/Cybersecurity Dive
What’s ahead for cybersecurity in 2024
A steady stream of threats and new regulations have executives tiptoeing around how to best detail security incidents.
By Naomi Eide • Jan. 31, 2024 -
Win McNamee via Getty Images
In 2024, the cybersecurity industry awaits more regulation — and enforcement
Private sector companies and critical infrastructure providers will face unprecedented demands for product security, intelligence sharing and transparency on data security.
By David Jones • Jan. 31, 2024 -
Retrieved from Progress Software on January 18, 2024
MOVEit liabilities mount for Progress Software
The company revealed multiple government investigations are underway into the MOVEit vulnerability. It’s also party to more than 100 class-action lawsuits.
By Matt Kapko • Jan. 30, 2024 -
bin kontan / Getty Images via Getty Images
Will the movement to ban ransom payments gain steam in 2024?
Policies and regulations around ransomware payments are widely expected to change in 2024, but how and to what effect remains in flux.
By Matt Kapko • Jan. 23, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA issues emergency directive for federal agencies to mitigate Ivanti vulnerabilities
Civilian agencies are under threat following a surge in nation-state linked exploitation of Ivanti Connect Secure and Ivanti Policy Secure devices.
By David Jones • Jan. 19, 2024 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA’s 1,200 pre-ransomware alerts saved organizations millions in damages
The federal agency’s early warning system notified organizations across multiple critical infrastructure sectors of potential impending attacks.
By Matt Kapko • Jan. 19, 2024 -
iStock/Getty Images Plus via Getty Images
5 cybersecurity trends to watch in 2024
Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.
By David Jones , Matt Kapko • Jan. 10, 2024 -
Permission granted by Carnegie Mellon University
CISA seeks comment on secure by design principles to boost global software security
The agency issued an RFI seeking industry input on costs, how to incorporate security into higher education and how to reduce recurring security vulnerabilities.
By David Jones • Dec. 21, 2023 -
FangXiaNuo via Getty Images
Cyber risk strategies in hot seat as SEC rules go live
A new climate of regulatory scrutiny is pushing companies to reassess how they manage cyber governance and mitigation at the highest levels.
By David Jones • Dec. 20, 2023 -
Chip Somodevilla/Getty Images via Getty Images
US leads AlphV ransomware infrastructure takedown
Law enforcement released a decryptor for the prolific threat group and ransomware affiliate service behind some of 2023’s most high-profile attacks.
By Matt Kapko • Dec. 19, 2023
Previous
