If hackers are exploiting the Log4j flaw, CISA says we might not know yet
The agency harkened back to the long delay between vulnerability discovery and the Equifax breach.
FTC warns of potential penalties for firms that fail to fix Log4j software flaws
The agency says the warning applies to future vulnerabilities too.
FTC wants to know when financial data is compromised, will require encryption
The agency also tightened security requirements for financial institutions.
Do credit monitoring and ID protection services do enough for breach victims?
"We need to rethink how consumer data is stewarded," one customer advocate said.
SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?
It could take years for the cases to play out in court.
As FireEye grapples with breach investigation, questions remain
The cybersecurity community and Capitol Hill are watching closely.