BHIS - Talkin' Bout [infosec] News 2024-06-24
- Published 30 Jun 2024
- A weekly podcast with BHIS and Friends (blubrry.com/bhis/). We discuss notable infosec and infosec-adjacent news stories.
Chat with us on Discord! -
/ discord
🔴webcast-live-chat
Brought to you by:
/// 📄 Black Hills Information Security
www.blackhillsinfosec.com/
/// 📄 Antisyphon Training
www.antisyphontraining.com/
/// 🔗 Register for webcasts, summits, and workshops -
blackhillsinfosec.zoom.us/ze/...
/// News Stories & Chapters
00:00 - PreShow Banter™ - Life is a Highway
05:25 - BHIS - Talkin’ Bout [infosec] News 2024-06-24
06:31 - Story # 1: Colorado Privacy Act Amended To Include Biometric Data Provisions
www.insideprivacy.com/data-pr...
15:24 - Story # 2: Scathing report on Medibank cyberattack highlights unenforced MFA
www.bleepingcomputer.com/news...
25:43 - Story # 3: CDK suffered another data breach as it was attempting to recover
www.techradar.com/pro/securit...
x.com/laurenbalik/status/1803...
36:30 - Story # 4: LockBit claims the hack of the US Federal Reserve
securityaffairs.com/164873/cy...
41:30 - Story # 5: Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers
www.wired.com/story/amazon-ai...
47:10 - Story # 6: That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise
www.theregister.com/2024/06/1...
52:50 - Story # 7: US sanctions Kaspersky Lab executives, board members over ‘cooperation’ with Russia
www.theverge.com/2024/6/21/24...
55:04 - Story # 7b: Treasury Sanctions Kaspersky Lab Leadership in Response to Continued Cybersecurity Risks
home.treasury.gov/news/press-...
Shecky bringing the real talk at 23:00, great points sir!
32:38 I believe you were talking about codespaces
So, an interesting discussion all around concerning the biometrics topic. I found that it was missing some context in the discussion, however, where no one mentioned that there are already other national protective laws under HIPAA; and there really needs to be correlation related to how that applies as well, and where the cross-over might exist. The CO state law takes inclusive steps to couple biometrics under state privacy laws (in the absence of an overall, cohesive national set), but I'm curious where the thought was that gaps existed in HIPAA that needed this type of additional regulation. Regardless of knowing about this law, this concept has led to some interesting group discussions lately. Are hosted data centers now, or going to be, responsible for providing HIPAA-related audit data, in addition to SOC 1/2, as part of the reporting to their clients? Biometrics are a huge part of their security controls and they have lots of client data.