A ruling in the U.S. Securities and Exchange Commission action against SolarWinds swept away much of the basis that the SEC relied upon in its amended complaint. Practically speaking, the focus by companies (public and private) on public security statements goes up, and those statements may become few and far between. Also, securities lawyers will be able to continue tried and true practices on cybersecurity securities disclosure. And, the focus on enhanced disclosure controls during an incident continues.
Cybersecurity Lawyer
- 128 Followers
- 174 Following
- 618 Posts
Lawyer focused on Cybersecurity and Privacy Regulation
http://linkedin.com/in/cybersecuritylawyer
BleepingComputerAs Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company.
Kevin BeaumontNissan Australia and New Zealand are dealing with a “cyber incident”, which likely translates as ‘paying the ransom with the help of the Australian government’. https://www.nissan.com.au/ #threatintel
In other news, a reminder to keep Serv-U up to date. https://www.bleepingcomputer.com/news/security/clop-gang-exploiting-solarwinds-serv-u-flaw-in-ransomware-attacks/
AxiosDays after a data breach allowed hackers to steal 6.9 million 23andMe users' personal details, the genetic testing company changed its terms of service to prevent customers from suing the firm or pursuing class-action lawsuits against it. https://t.co/8R8Fa5kAgw
This is a longish read but I really go all in on what I think about the ransomware situation and what CitrixBleed signifies in this: https://doublepulsar.com/what-it-means-citrixbleed-ransom-group-woes-grow-as-over-60-credit-unions-hospitals-47766a091d4f
When the U.S. Securities and Exchange Commission filed a complaint against SolarWinds, they used a security statement from their website to make claims of securities fraud. The implications are concerning. #sec #cybersecurity
https://technologylaw.fkks.com/post/102iu09/the-sec-turns-false-marketing-into-securities-fraud
California is poised to issue the most sweeping cybersecurity regulation in the US and maybe the world. They are doing it through audit requirements. #cybersecurity #regulation #CCPA #audit https://technologylaw.fkks.com:443/post/102is68/cppa-draft-cybersecurity-audit-regulation-revisions-3-takeaways?LinkSource=PassleApp
Laffy👀 ”Extremists keep trying to trigger mass blackouts — & that’s not even the scariest part
…exposing the reporting gaps between the state and federal agencies that oversee its security.”
…Law enforcement officials have blamed much of the rise in grid assaults on white nationalist and far-right extremists, who they say are using online forums to spread tactical advice on how to shut down the power supply.” https://www.politico.com/news/2023/09/10/power-grid-attacks-00114563
Patrick C Miller 
The Comedy of Errors That Let China-Backed Hackers Steal Microsoft’s Signing Key https://www.wired.com/story/china-backed-hackers-steal-microsofts-signing-key-post-mortem/
