Senators Draft a Federal Breach Notification Bill govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top
Federal Agencies Struggling With Supply Chain Security bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Get Permission
Clockwise from top left: Aruna Viswanatha, The Wall Street Journal; Luke Dembosky, Debevoise & Plimpton LLP; Adam Hickey, U.S. Justice Department; and Tonya Ugoretz, FBI Cyber Division; at RSA Conference 2021
Since the supply chain attack that targeted SolarWinds and its customers was uncovered in December 2020, some members of Congress have been pushing for a nationwide data breach notification law.
What would a U.S. data breach notification law require? In a Tuesday panel discussion at RSA Conference 2021, officials with the U.S. Justice Department and the FBI, along with a legal expert, debated what such a law might include.
Analysts Uncover More Servers Used in SolarWinds Attack Twitter Get Permission
Researchers at the security firm RiskIQ say they ve discovered more than a dozen previously undocumented command-and-control servers used in the SolarWinds supply chain attack, showing that the cyberespionage operation was much larger than previously identified.
U.S. investigators say the Russian Foreign Intelligence Service, aka SVR, was responsible for the attack.
Many of these command-and-controls servers were hosted within the U.S. by cloud infrastructure service providers, including Amazon Web Services, to help the attackers avoid detection and blend with normal network traffic, RiskIQ says in a new report.