A bipartisan group of senators introduced a federal breach notification bill Wednesday that would require federal agencies, federal contractors and organizations that are considered critical to U.S. national security to report security incidents to CISA within 24 hours of discovery.
The U.S. has indicted four Chinese nationals working with the nation's Ministry of State Security in connection with an alleged hacking campaign conducted from 2011 to 2018 that targeted universities and government entities to obtain trade secrets, medical research and other intellectual property.
Two states have recently taken steps to bolster cybersecurity and data privacy protections. Connecticut has enacted a law designed to give certain legal protections to businesses that adhere to cybersecurity frameworks. And a new data privacy law in Colorado allows individuals to opt out of data collection.
In a new executive order, President Biden asks the FTC to establish new rules governing how tech firms can collect and use data from their customers as a way to offer more privacy protections for U.S. consumers. The order also looks to push the Justice Department to step up its antitrust enforcement.
Amazon's Alexa virtual assistant device and applications are unlawfully recording and storing highly sensitive and private conversations, including discussions of patient information, that were not meant to be recorded, four healthcare workers allege in a lawsuit seeking class action status.
A bipartisan bill introduced by Sens. Gary Peters and Ron Johnson would create a standardized cybersecurity training program for federal employees who purchase technology services. This bill follows a wave of attacks over the last two months that have targeted U.S. critical infrastructure.
This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, compromising the data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. If convicted, She now faces a possible 20-year sentence.
Sens. Maggie Hassan and John Cornyn have introduced legislation that would create a pilot apprenticeship program within CISA. The Federal Cybersecurity Workforce Expansion Act would also create a cyber-training program within the Department of Veterans Affairs, equipping veterans to hold careers in cyber defense.
Cybersecurity pioneer John McAfee, 75, was found dead in a Spanish prison cell Wednesday, hours after a Spanish court had authorized his extradition to the U.S. to face tax evasion charges, according to news reports.
Colonial Pipeline Co. now faces at least two lawsuits seeking class action status in the aftermath of a ransomware attack in May that led the firm to shut down the operations of a 5,500-mile pipeline for nearly a week.
Republican and Democratic lawmakers have recently introduced several cybersecurity-related bills seeking to address issues ranging from imposing tougher penalties for cybercriminals to improving protection of school districts.