News & Analysis as of

Vulnerability Assessments

White House Announces Vulnerabilities Equities Policy and Process

by Balch & Bingham LLP on

On November 15, 2017, the Trump administration released the Vulnerabilities Equities Policy and Process. This documents describes the process by which U.S. agencies and departments determine whether to disclose or restrict...more

Privacy Tip #112 – LG Releases IoT Software Update

Security researchers at Check Point discovered software vulnerabilities in LG IoT devices which allowed them to potentially gain control over LG refrigerators, ovens, dishwashers and a live feed from a robot vacuum cleaner. A...more

Government Warns of Threat Activity Targeting Critical Infrastructure through Third-Party Access

A cloak of secrecy usually covers covert government activities when it comes to the latest cyber threats and intelligence. But in a rare public statement, the U.S. government has warned that hackers are targeting government...more

Data Privacy + Cybersecurity Insider - October 2017 #3

by Robinson & Cole LLP on

Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks. The vulnerability, Key Reinstallation...more

“KRACK” WiFi Security Vulnerability Discovered

Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks....more

Data Privacy + Cybersecurity Insider - October 2017 #2

by Robinson & Cole LLP on

FBI Issues Flash Alert on Apache Struts Vulnerability - The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more

Plaintiffs’ Lawyer Predicts $1 Billion Settlement in Data Breach Case – But Where’s the “Harm”?

by Orrick - Trust Anchor on

This week, a high profile plaintiffs’ firm (Edelson) stated that “if done right,” the data breach class actions against Equifax should yield more than $1 billion in cash going directly to more than 143 million consumers...more

The Mummy’s Hand and a Risk-Based Approach at the Board Level

by Thomas Fox on

Today we consider the 1940’s film, The Mummy’s Hand as the second installment in Universal Pictures series featuring this creature. Boris Karloff departed the role and it was taken over for one film by Tom Tyler, who was...more

Equifax Flunked Index Provider’s Cybersecurity Test A Year Ago

A financial index provider foretold the Equifax Inc. data breach more than a year ago, warning that the rating agency “is vulnerable to data theft and security breaches.”...more

OCIE Lessons From Cybersecurity 2 Initiative

by Carlton Fields on

On August 7, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert containing observations from its Cybersecurity 2 Exam Initiative. As a follow-up to the 2014 Cybersecurity 1 initiative, the...more

Bipartisan Group of Senators Introduce Bill to Impose Baseline Security Requirements for IoT Devices Provided to U.S. Government

by Hogan Lovells on

On August 1, a bipartisan group of four senators introduced a bill that would impose specific cybersecurity requirements on providers of Internet of Things (IoT) devices when doing business with the U.S. Government and...more

Privacy Tip #99 – If you are an IoT Fanatic, this App is for You

Last January, the Federal Trade Commission (FTC) launched the IoT Home Inspector Challenge, a contest that requested participants to come up with a tool that would identify security issues that are caused by out-of-date...more

FTC Submits Comment To Aid NTIA In Developing Internet of Things Guidance

by Ballard Spahr LLP on

In its latest effort to address security concerns about Internet of Things (IoT) devices, the Federal Trade Commission (FTC) has submitted public comments to the National Telecommunications and Information Administration's...more

Malware Capable of Shutting Down Electric Grids Confirmed

by Hogan Lovells on

Malware was recently identified that appears to have been designed and deployed by a nation-state to target and shut down electric grids. According to published reports, this malware currently appears to be capable of...more

Asset management: Coming out of the shadows - Financial Stability Board addresses structural vulnerabilities from asset...

by White & Case LLP on

On 12 January 2017, the Financial Stability Board (FSB) published its Policy Recommendations to Address Structural Vulnerabilities from Asset Management Activities....more

Funds Talk: May 2017 - CFTC Among Regulators Demanding Cybersecurity Vigilance

While the Securities and Exchange Commission (SEC) has garnered significant attention for its increased efforts and focus on regulating and enforcing enhanced cybersecurity measures within the U.S. financial markets, the...more

Orrick's Financial Industry Week In Review

Rating Agency Developments - On April 19, 2017, Fitch issued a report entitled Airport Operating Lease ABS Rating Criteria. On April 14, 2017, Fitch issued a report entitled North America and Asia-Pacific...more

It’s Getting Hot in Here! – Employers React with Concern and Confusion to Cal/OSHA Draft Indoor Heat Illness Standard

by Fisher Phillips on

For the past 12 years, California has maintained a Cal/OSHA standard designed to minimize heat illness in outdoor places of employment. However, legislation enacted last year (SB 1167) now requires Cal/OSHA to develop a heat...more

The FTC’s Public Comment on the NTIA’s Draft Coordinated Vulnerability Disclosure Template Reflects Further Support for the NIST’s...

by Moore & Van Allen PLLC on

In August 2016, the Federal Trade Commission (“FTC”) addressed the effect of the Cybersecurity Framework (“NIST Framework”) issued by the National Institute of Standards and Technology on FTC enforcement actions under Section...more

Bounty or Bug Programs: A How-To Guide

by Bryan Cave on

Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more

No Harm, But Foul? FTC Sues Internet of Things Maker D-Link for Security “Vulnerabilities” Despite No Allegations of Breach

by Orrick - Trust Anchor on

Shortly after the new year, the Federal Trade Commission filed suit in the Northern District of California against D-Link Corporation, a Taiwan-based maker of wireless routers, Internet Protocol (IP) cameras, and software...more

Global Cybersecurity Threats to the Maritime Sector

by Holland & Knight LLP on

Cybersecurity risks to the nation's critical infrastructure (CI) – defined as 16 CI sectors, including transportation and maritime – continue to grow exponentially. The incoming Trump Administration has made it clear that...more

FTC Releases Data Breach Response Guide

by Morgan Lewis on

On October 25, the Federal Trade Commission (FTC) released new guidance for businesses that outlines recommended actions to take when facing a data breach. This data breach response guide (Guide) follows the FTC's prior...more

Data Privacy Considerations for Starting or Evaluating a Bounty Program

by Bryan Cave on

Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more

Privacy Tip #31 – Landlines still a safe way to communicate but telephone companies want to drop them

I am pretty up to date on data privacy and security and technology, but the 60 Minutes episode this past Sunday night floored even me. If you didn’t see it, it is worth streaming. Basically, 60 Minutes showed Karsten...more

34 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.