Subscribe To Our Daily Enewsletter:

Cybersecurity Breaches and Attacks

MSSP Alert’s news coverage and analysis of cybersecurity breaches and attacks — including hackers, malware, viruses, worms, ransomware, distributed denial of service attacks (DDoS), phishing, stolen passwords, social engineering and more.

Facebook CEO Zuckerberg Vows Data Access Policy Changes Amid Harvesting Scandal

Facebook CEO Mark Zuckerberg responds to user privacy crisis and vows changes after the social media giant “made mistakes.”

How to Avoid A Compliance Breakdown

If you want your car to last, you must embrace regularly scheduled service. The same is true of any compliance program, whether it be the PCI Data Security Standard, the forthcoming GDPR or ISO 27001 certification.

Cylance Uncovers Threat Actor Used to Target Critical Infrastructure

Advanced threat prevention software provider Cylance finds Cisco Systems router used by threat actor to target aviation, energy & other critical infrastructure.

Walmart Partner Exposes Personal Data of 1.3 Million Customers on AWS Cloud

Researchers find a publicly accessible Amazon Web Services (AWS) cloud S3 bucket that contains the personal data of more than 1.3 million Walmart customers in the U.S. & Canada.

Russian Cyber Attackers Could Have Shut Down U.S. Power Grid, DHS & FBI Say

Russian cyber attacks could have shut down nuclear power plants and systems controlling water, electricity, aviation and commercial manufacturing, U.S. officials say.

Meltdown, Spectre Patch Management Process: 88% Frustration

After the confusing Meltdown & Spectre patch management rollout process, 88% of organizations are frustrated and 72% plan to slow down future patch rollouts, a Barkly study shows.

Education Department Threatens to Pull Funding for Non-Compliance

U.S. Department of Education (ED) guidance threatens to “yank” Title IV funding for post-secondary institutions lacking appropriate data security safeguards.

Avoid These Common Incident Response Assumptions and Planning Mistakes

Cybersecurity incident response requires three core components: planning, tabletop exercises, and identifying critical assets and data. Delta Risk explains how to get started.

SEC Charges Former Equifax U.S. CIO With Insider Trading

SEC charges former Equifax U.S. Information Systems Chief Information Officer (CIO) Jun Ying with insider trading. SEC alleges Ying sold Equifax stock options to avoid security breach-related losses.

GDPR and Financial Services – Imperatives and Conflicts

GDPR emphasizes transparency and the rights of data subjects. Those focus areas may lead to conflicts with the other compliance directives. Kuppinger Cole explains why.