New SEC Rules around Cybersecurity Incident Disclosures

The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules:

  1. Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk.
  2. Public companies must “describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats” in their annual filings.

The rules go into effect this December.

In an email newsletter, Melissa Hathaway wrote:…

August 2, 2023
Read More >>

Cybersecurity measures SMBs should implement

Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does n…

July 19, 2023
Read More >>

Law firms under cyberattack

In April 2023, Australian law firm HWL Ebsworth was hit by a cyberattack that possibly resulted in data of hundreds of its clients and dozens of government agencies being compromised. The attack was claimed by the Russian-linked ALPHV/Blackcat ransomwa…

July 10, 2023
Read More >>

Delving Further: Analyzing Another XSS Vulnerability Found in the Bookly Plugin

Our previous blog explored an XSS vulnerability within the Bookly plugin (WordPress Online Booking and Scheduling Plugin – Bookly). Today, we will delve into another XSS vulnerability that came to light during our research on the same plugin. Our team discovered this vulnerability in March 2023. Following its discovery, we promptly initiated responsible disclosure procedures […]

The post Delving Further: Analyzing Another XSS Vulnerability Found in the Bookly Plugin appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

June 19, 2023
Read More >>