CYBERSECURITY -
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine -
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
3/4/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Blocking Rules ,
Malware ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Russia ,
T-Mobile ,
Ukraine ,
Vulnerability Assessments
CYBERSECURITY -
White House Focused on Combating Ransomware -
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large...more
7/16/2021
/ Article III ,
Biden Administration ,
Canon ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Ransomware ,
Smart Devices ,
Standing ,
Telemarketing ,
Text Messages
CYBERSECURITY -
NYDFS -
Cybersecurity Certificate of Compliance Due April 15, 2021
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
1/22/2021
/ Blockchain ,
California Consumer Privacy Act (CCPA) ,
CARES Act ,
Class Action ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Financial Services Industry ,
Hackers ,
HIPAA Breach ,
Malware ,
Marriott ,
NYDFS ,
Paycheck Protection Program (PPP) ,
Personal Data ,
Personally Identifiable Information ,
Russia ,
SolarWinds ,
Vaccinations
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
12/11/2019
/ Aviation Industry ,
Beneficiaries ,
Biometric Information ,
Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Restaurant Industry ,
Settlement Agreements ,
Virtual Currency
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more
9/13/2019
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Debt Collectors ,
Digital Assets ,
Educational Institutions ,
Enforcement Actions ,
Financial Services Industry ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Records ,
Municipalities ,
NIST ,
Personally Identifiable Information ,
Ransomware ,
TCPA
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
5/31/2019
/ Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Manufacturers ,
OCR ,
Personally Identifiable Information ,
Ransomware ,
Robocalling ,
Telemarketing
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at...more
5/3/2019
/ Best Practices ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Limitation of Liability Clause ,
Phishing Scams ,
Popular ,
Unmanned Aircraft Systems
According to Hiscox’s Third Cyber Readiness Report, which surveyed 5,400 firms in the U.S. and the E.U., cyber threats have “become the unavoidable cost of doing business today.” The Report notes that for the first time, “a...more
4/29/2019
/ Charitable Donations ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
Popular ,
Scams ,
Vulnerability Assessments
The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
4/19/2019
/ Cookies ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Email ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom and get the decryption key to...more
1/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cell Phones ,
Commercial General Liability Policies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data-Sharing ,
Drones ,
Geological Data ,
Hackers ,
HIPAA Breach ,
Personally Identifiable Information ,
Ransomware ,
Right to Privacy ,
Risk Management ,
Rulemaking Process ,
WISP
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more
12/27/2018
/ Article III ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Driverless Cars ,
Drones ,
Experian ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
OCR ,
Public Health ,
Risk Management ,
Smart Devices ,
Standing ,
Transportation Industry ,
Vaccinations ,
Value-Based Care ,
Vulnerability Assessments
The U.S. Patent and Trademark Office (USPTO) announced last week that it has discovered unauthorized users have attempted to hack into its online trademark system to attempt to make unauthorized changes to active trademark...more
10/29/2018
/ Airspace ,
Beyond Visual Line Of Sight (BVLOS) ,
Centers for Medicare & Medicaid Services (CMS) ,
Credit Security Freeze ,
Cyber Attacks ,
Data Breach ,
Drones ,
Employee Training ,
General Electric ,
Hackers ,
HIPAA Breach ,
Intellectual Property Protection ,
Legal Ethics ,
New Legislation ,
Risk Management ,
Small Business ,
Trademark Application ,
Trademark Registration ,
Unmanned Aircraft Systems ,
USPTO
The Office of Inspector General (OIG) recently announced the creation of a cybersecurity team focused on combating threats within the Department of Health & Human Services (HHS), and within the health care industry. ...more
The State of California is once again leading the way with trying to keep up with technology and protecting consumers. Senate Bill 327 requires Internet of Things (IoT) developers to implement “reasonable security features”...more
10/1/2018
/ Biometric Information ,
Biometric Information Privacy Act ,
Blockchain ,
COPPA ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Drones ,
Fingerprints ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Hurricane Florence ,
Insurance Claims ,
Internet of Things ,
Online Safety for Children ,
Passwords ,
Popular ,
Property Damage ,
Settlement ,
State Farm ,
Uber
We have previously reported on the ongoing cybersecurity issues with St. Jude defibrillators [view related posts here, here, and here]. On June 29, 2018, the Food and Drug Administration (FDA) classified the required firmware...more
7/16/2018
/ Adidas ,
Computer Fraud and Abuse Act (CFAA) ,
Constitutional Challenges ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Drones ,
Emergency Management Plans ,
Emergency Response ,
EU-US Privacy Shield ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Hackers ,
Healthcare ,
Healthcare Facilities ,
HIPAA Breach ,
Medical Devices ,
Mobile Apps ,
Popular ,
Ransomware ,
Regulatory Requirements ,
Regulatory Violations ,
St Jude Medical Center ,
Wildfires
Just weeks after Mexico’s central bank was targeted by hackers who stole $15 million, Chile’s biggest bank, Banco de Chile, announced on May 28, 2018, that it had been struck by a “virus” that affected its workstations,...more
7/2/2018
/ Banks ,
Carpenter v US ,
Cell Phones ,
Credit Reporting Agencies ,
Criminal Convictions ,
Cryptocurrency ,
Currency Exchange ,
Data Breach ,
Drones ,
Electronic Records ,
Electronically Stored Information ,
Exigent Circumstances ,
Fourth Amendment ,
Geolocation ,
Hackers ,
Harassment ,
Identity Theft ,
Location Data ,
location-da ,
Malware ,
NYDFS ,
Probable Cause ,
Reasonable Expectation of Privacy ,
Registration Requirement ,
Remand ,
Reversal ,
Robocalling ,
SCOTUS ,
Third-Party ,
Warrantless Searches
Bezop Cryptocurrency Investors’ Personal Information Exposed -
Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB...more
5/4/2018
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Hospitality Industry ,
PHI ,
Smart Devices ,
Unmanned Aircraft Systems ,
Virtual Currency
“Orangeworm” Targeting Health Care Industry -
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the...more
4/27/2018
/ Blue Shield ,
Criminal Investigations ,
Cyber Attacks ,
Cyber Insurance ,
Data Breach ,
Digital Currency ,
Drones ,
Enforcement Actions ,
Extraterritoriality Rules ,
Hackers ,
Health Care Providers ,
Healthcare ,
Medical Devices ,
Personal Data ,
PHI ,
Risk Management ,
Scams ,
September 11th Victim Compensation Fund ,
SunTrust ,
Unmanned Aircraft Systems ,
US v Microsoft ,
Virtual Currency
U.S. Estimates that Cyber Hacks Cost Up to $109 Billion in 20 -
The Council for Economic Advisors (CEA) issued a report this month, entitled “The Cost of Malicious Cyber Activity to the U.S. Economy,” which concludes that...more
2/26/2018
/ Banking Sector ,
Bitcoin ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Digital Currency ,
Disclosure Requirements ,
Drones ,
Federal Agency Taskforce ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Malware ,
OCR ,
PHI ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
TCPA ,
Virtual Currency
US-CERT Warns of New Ransomware: Bad Rabbit -
The U.S. Computer Emergency Readiness Team (US-CERT) is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated it has received multiple...more
11/3/2017
/ Airspace ,
Biometric Information ,
Centers for Medicare & Medicaid Services (CMS) ,
Children's Health Insurance Program (CHIP) ,
Class Action ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Department of Transportation (DOT) ,
Drones ,
Federal Aviation Administration (FAA) ,
Federal Pilot Programs ,
Fingerprints ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hilton ,
Hospitality Industry ,
Hotels ,
Hyatt ,
Information Technology ,
Internet of Things ,
LG Electronics ,
Malware ,
Medicare Access and CHIP Reauthorization (MACRA) ,
MIPS ,
NASA ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Unmanned Aircraft Systems ,
US-CERT
Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks. The vulnerability, Key Reinstallation...more
10/24/2017
/ Amazon Marketplace ,
Biometric Information ,
Biometric Information Privacy Act ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Drones ,
Electronically Stored Information ,
Email ,
Extraterritoriality Rules ,
Hackers ,
Hyatt ,
Microsoft ,
Mobile Devices ,
Network Security ,
Personal Data ,
Privacy Concerns ,
Public Wireless Networks ,
Risk Management ,
SCOTUS ,
Stored Communications Act ,
US-CERT ,
Vulnerability Assessments ,
Wifi ,
Wireless Technology
In response to the WannaCry ransomware attack that infiltrated the computer systems of health care systems and other entities worldwide on or around May 12, 2017, HHS’ Office of the Assistant Secretary for Preparedness and...more