Litigation against corporate board members and C-level executives for data privacy and security claims is on the rise. Recently, plaintiffs have targeted corporate board members and C-level executives alleging that their data privacy–related claims result from a breach of fiduciary duties.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Fraudster revealed how criminals make money using underground bots that steal multifactor authentication codes and link stolen cards to contactless payments like Apple Pay.
Ransomware group claims that it stole 161 GB of data from Coca-Cola, including login credentials and financial data, and offering data for sale at 1.6 bitcoin (about $64,000). Coca-Cola has yet to confirm the data theft.
By owning a trusted CA, Russia can also now host as many man-in-the-middle attacks, which are generally privacy attacks. Additionally, state-sponsored hacking groups can produce certificates for devices meant to intercept traffic and view all of the encrypted communications.
Microsoft researchers say that Russian cyber attacks in March against a television broadcaster and a nuclear plant directly preceded military action directed at those targets.
Lazarus APT targets the employees of blockchain companies with fake job offers, tricking them into downloading trojanized apps that steal security keys and make fraudulent transactions.
Whether it is company culture or an individual attitude, developers do appear to be commonly shipping vulnerable code with the full knowledge that there are weaknesses in it.
APIs are the backbone of numerous popular web services because of their utility, ubiquity, and increasing architectural choices. Regardless of the API architecture chosen, there are shared factors that make them all vulnerable.
Lapsus$ hackers repeatedly accessed T-Mobile's internal systems, including Atlas account management system capable of SIM swapping, and downloaded thousands of source code repositories.
As the war in Ukraine intensifies and the risk of cyber-attacks from Russia grows, protecting intellectual property is both a national security issue, and also an economic one.










