The US Federal Trade Commission (FTC) has amended its Safeguards Rule to require non-bank mortgage firms to report cybersecurity breaches. The rule, affecting breaches involving at least 500 consumers, will come into force on 27 April 2024. Data breaches are defined as events where unauthorised parties acquire unencrypted customer data. Mortgage companies have to notify the FTC no later than 30 days after discovering a breach.
DarkCloud Infostealer Escalates as Major Enterprise Threat with Scalable Credential Theft
Infostealers continue to dominate the initial access landscape in 2026, driving breaches through scalable credential theft. Among these, DarkCloud has emerged as a major threat, illustrating how
