US Commerce Department’s Bureau of Industry and Security Tightens Export Controls on Items Used in Surveillance and other Malicious Cyber Activities

The Commerce Department’s Bureau of Industry and Security (BIS) has released an interim final rule, establishing controls on the export, reexport, or transfer (in-country) of certain items that can be used for malicious cyber activities. The rule also creates a Read More …

Ransom Disclosure Act would give victims 48 hours to report payments

Victims of ransomware attacks in the United States may soon have to report any payments to hackers within 48 hours, according to a new legislation proposal titled the ‘Ransom Disclosure Act’. The bill was drafted by U.S. Senator Elizabeth Warren Read More …

API Releases New Standard for Pipeline Control Systems

On August 18, 2021, the American Petroleum Institute (API) released the third edition of Standard 1164, Pipeline Control Systems Cybersecurity. The edition has been in development since 2017—a result of expert input from over 70 organizations, including the US’s Department Read More …

United Nations calls for moratorium on sale of surveillance tech like NSO Group’s Pegasus

The United Nations has called for a moratorium on the sale of “life threatening” surveillance technology and singled out the NSO Group and Israel for criticism. The catalyst for that UN’s action is the recent allegation that NSO Group’s wares Read More …

CISA announces new vulnerability disclosure policy (VDP) platform

Last fall, CISA issued the final version of Binding Operational Directive (BOD 20-01), which was issued in support of the Office of Management and Budget M-20-32, “Improving Vulnerability Identification, Management, and Remediation”. This Directive reflects CISA’s commitment to strengthening cybersecurity Read More …

ENISA Releases Guidelines for Cloud Security for Healthcare Services

The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastructure creates new challenges regarding data Read More …

Experian challenged over massive data leak in Brazil

After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment. Procon Read More …

Australian Home Affairs Minister takes issue with EU Electronic Communications Code

The Australian government, alongside counterparts from Canada, New Zealand, the United Kingdom, and the United States, have rallied together to declare that the unintended consequences of the new European Electronic Communications Code are putting children at risk. The new code Read More …