Social Security | Breaking Cybersecurity News | The Hacker News

The U.S. Department of Justice (DoJ) on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule ( TSR ). In addition to prohibiting the company from violating the law, the stipulated order requires it to meet other compliance measures, including establishing a process for screening its customers and calling for potential illegal telemarketing. The order, which also imposes a $10 million civil penalty judgment, has been suspended due to XCast's inability to pay. "XCast provided VoIP services that transmitted billions of illegal robocalls to American consumers, including scam calls fraudulently claiming to be from government agencies," the DoJ  said  in a press release. These calls delivered prerecorded marketing messages, most of which were sent to numbers listed on the National Do Not Call Registry. To make matter...

Thousands of Social Security numbers have been stolen from the computers of a New York state agency. The Social Security Administration in New York City reports that a subcontractor, who was working for the Office of Temporary Disability Assistance on computer infrastructure upgrades, illegally downloaded approximately 15,000 Social Security numbers. These numbers were taken from computers belonging to private contractors working for the agency, which is responsible for deciding Social Security disability claims. The commissioner of Social Security, Michael Astrue, confirmed that the accused worker has been arrested and is now in the custody of the New York State Police. According to Astrue, the unauthorized download of information occurred in a limited number of cases. However, investigations are ongoing, and the full extent of the damage is still unknown. Individuals whose information was compromised will be notified. They will also be offered free credit monitoring and a special ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...