SEARCH
CISA Issues Final Order on Federal Vulnerability Disclosure, But Questions Remain
Federal agencies must publish a vulnerability disclosure policy by March 1, per a new CISA directive, but there is no provision for maturity assessments or resources to build a bug handling process.
UK Says Children’s Apps Must Have Built-in Privacy
New rules from the United Kingdom's Information Commissioner's took effect requiring office apps, social media platforms and online games specifically targeted at children to be designed with privacy in mind. Violators will be fined 4 percent of total revenue.
Gartner Warns CEOs Will be Personally Liable for Breaches by 2024
By 2024, 75 percent of CEOs will be held personally responsible and accountable for cyber-physical security incidents, research firm Garner said.
Notarized Malware Slips Into Mac App Store
A piece of malware made its way into the macOS app store after being accidentally notarized by Apple, allowing it to run on victims' Macs.
Cisco Warns of Exploits Against IOS XR Flaws
Attackers are actively trying to exploit a memory exhaustion vulnerability (CVE-2020-3566) in Cisco's IOS XR royter software.