Admin

The U.S. Securities and Exchange Commission has released revised cybersecurity guidance for publicly traded companies.

The guidance, approved unanimously by the commission on Tuesday, is meant "to assist public companies in preparing disclosures about cybersecurity risks and incidents," the SEC says.

"I believe that providing the commission's views on these matters will promote clearer and more robust disclosure by companies about cybersecurity risks and incidents, resulting in more complete information being available to investors," SEC Chairman Jay Clayton says in a statement. "In particular, I urge public companies to examine their controls and procedures, with not only their securities law disclosure obligations in mind, but also...

“This storm developing off the Southeast coast will meet the meteorological criteria of a “bomb” as it rapidly intensifies. The signal for a storm has been evident since last week, but as the track has been fine-tuned, impacts to the I-95 corridor are now expected. Snow, strong winds, and very cold temperatures are expected particularly the further east one heads,” said Ed Vallee, meteorologist at Vallee Weather Consulting LLC.

Winter Storm Grayson, a very large and powerful winter storm is threatening the East Coast of the United States with heavy snow, intense winds, and record-setting low temperatures. Winter storm watches and warnings have been issued for many coastal regions in north Florida to Maine from Wednesday into late...

"Hire someone who can give us the cybersecurity savvy we desperately require. Stop getting breached. Show investors and regulators we can protect our assets."

Anyone helping Atlanta-based credit bureau Equifax craft its most recent New Year's resolutions would have done well to help it focus on overhauling its information security practices, procedures and people. Indeed, the data breach that began last March at Equifax and which it discovered months later rates as one of the worst in history, with personal details for 145.5 million U.S. consumers - as well as others in Britain and Canada - having been stolen. Equifax continues to face investigations by Congress, the Justice Department, the U.S. Federal Trade Commission, regulators in...

Two Romanians recently arrested in Bucharest as part of a roundup of alleged ransomware attackers have been named as suspects in a U.S. indictment (see Police Bust Five Ransomware Suspects in Romania).

London-based Mihai Alexandru Isvanca, 25, and Eveline Cismaru, 28, both Romanian nationals, have been charged with wire fraud, conspiracy, computer crime and extortion, according to a Dec. 11 affidavit obtained by CNN. The affidavit was apparently unsealed by mistake before being resealed.

The affidavit, written by James Graham, a U.S. Secret Service special agent, supports a criminal complaint against Romanian nationals Isvanca and Cismaru. They have been accused of distributing ransomware via spam emails. Between Jan. 9 and Jan. 12,...

Five years ago, security researchers first spotted a strain of malware - nicknamed Ploutus - that was being used to infect ATMs in Mexico and drain them of their cash, in what's known as a cash-out or jackpotting attack.

Now, the U.S. Secret Service is warning ATM manufacturers that for the first time, such attacks have migrated to the United States. Security blogger Brian Krebs obtained a copy of an undated, confidential Secret Service memo that contains the warnings, and ATM makers NCR and Diebold Nixdorf on Friday issued their own advisories to customers.

The Secret Service says Ploutus.D was used in a coordinated attacks against standalone ATMs in box-big retailers and pharmacies over 10 days, according to a single, unnamed...

Technology giants and end users alike are still struggling to figure out how bad the Spectre and Meltdown flaws might be, how to get systems patched and whether those patches might protect users.

Spectre and Meltdown are both flaws in predictive computing, a concept that dates from 1967 but which wasn't put into practice until the 1990s. Since then, the technique has been used to increase the speed of computers in a manner that is built into CPU hardware, including chips manufactured by Intel, AMD and ARM.

Several groups of researchers, working independently, last year discovered that these predictive techniques created an unfortunate side effect: they could be exploited.

The award for the best non-technical description of the...