Daily NCSC-FI news followup 2019-10-13

Its Way Too Easy to Get a .gov Domain Name krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/ Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But […]

New York Passes Law to Update Data Breach Notification Requirements www.bleepingcomputer.com/news/security/new-york-passes-law-to-update-data-breach-notification-requirements/ New York Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (SHIELD) Act into law, with the new consumer privacy policy being designed to protect New Yorkers’ private data and strengthen the state’s data breach policies.. The signed legislation, sponsored […]

Brazil is at the forefront of a new type of router attack www.zdnet.com/article/brazil-is-at-the-forefront-of-a-new-type-of-router-attack/ On these sites, malicious ads (malvertising) run special code inside users’ browsers to search and detect the IP address of a home router, the router’s model. When they detect the router’s IP and model, the malicious ads then use a list of […]