The FTC finalized an order regarding Blackbaud’s failure to implement appropriate security after a 2020 ransomware attack. The company must delete unnecessary data, develop a comprehensive security program, and report data deletion practices. Blackbaud must also notify the FTC of any future data breaches. The company settled with the SEC and multiple states for misleading disclosures following the attack.
North Korean hackers step up phishing attacks on Ukraine government
North Korean state-sponsored cyber actor, TA406, is carrying out phishing attacks and credential-stealing operations against Ukrainian government entities to gather intelligence on the Russian invasion,
