Is Your Board Prepared for New Cybersecurity Regulations?

Boards are now paying attention to the need to participate in cybersecurity oversight. Not only are the consequences sparking concern, but the new regulations are upping the ante and changing the game.

Boards have a particularly important role to ensure appropriate management of cyber risk as part of their fiduciary and oversight role. As cyber threats increase and companies worldwide bolster their cybersecurity budgets, the regulatory community, including the SEC, is advancing new requirements companies will need to know about as they reinforce their cyber strategy.

Go To Article

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

EdFinancial and the Oklahoma Student Loan Authority (OSLA) are notifying over 2.5 million loanees that their personal data was exposed in a data breach.

The target of the breach was Nelnet Servicing, the Lincoln, Neb.-based servicing system and web portal provider for OSLA and EdFinancial, according to a breach disclosure letter.

Go to Article

Malicious proof-of-concepts are exposing GitHub users to malware and more

Malicious proof-of-concepts (PoCs) are potentially exposing GitHub users to malware and other malfeasance, researchers have found.

In a paper titled ‘How security professionals are being attacked: A study of malicious CVE proof of concept exploits in GitHub’, researchers from Leiden University in the Netherlands recently detailed how thousands of PoCs for known vulnerabilities contain dangerous elements that do more than billed.

Instead of performing an innocuous operation, these exploits could open the door to potential attack.

https://bit.ly/3sWFwfB

Fake financial regulators

Online fraud knows no bounds. Cybercriminals are adapting — not always successfully — their usual schemes for new countries. To wheedle out victims’ personal and banking data, they send e-mails purporting to be from, among others, online marketplaces, video streaming services and, of course, government agencies.

https://usa.kaspersky.com/blog/scam-for-scam-victims/27394/