Another day, another governmental entity hit with a ransomware attack. If you are a resident of Bernalillo County, New Mexico, and you need a marriage license, want to conduct a real estate transaction or register to vote,...more
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on....more
1/14/2022
/ China ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA), jointly with the FBI and NSA, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, especially critical infrastructure operators, to be on...more
1/14/2022
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
National Security Agency (NSA) ,
Risk Management ,
Russia ,
Vulnerability Assessments
CYBERSECURITY -
FTC Warns Companies of Enforcement for Failing to Patch Log4j Vulnerability -
In what I would describe as an unusual but interesting move by the Federal Trade Commission (FTC), on January 4, 2022, it...more
1/7/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Federal Trade Commission (FTC) ,
Hackers ,
Personally Identifiable Information ,
Search Engines ,
Vulnerability Assessments
According to The Identity Theft Research Center (ITRC), data breaches in 2021 surpassed the previous record year of 2020 by 17 percent. The incidents ranged from the theft of cryptocurrency (Livecoin went out of business...more
In what I would describe as an unusual but interesting move by the Federal Trade Commission (FTC), on January 4, 2022, it issued a warning to companies “to remediate Log4j security vulnerability” or face an enforcement action...more
On January 1, 2022, Broward Health, which operates dozens of health care facilities in Broward County, Florida, notified over 1.3 million individuals that a threat actor gained access to and removed data from its system on...more
1/6/2022
/ Cyber Attacks ,
Data Breach ,
Data Protection ,
Data Security ,
Electronically Stored Information ,
Hackers ,
Health Care Providers ,
Information Technology ,
Multi-Factor Authentication ,
Personal Data ,
Personally Identifiable Information
CYBERSECURITY -
New Jersey Settles with Cancer Center Over Business Email Compromise -
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the...more
12/27/2021
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Facebook ,
Fraud ,
Hackers ,
Hate Speech ,
Personally Identifiable Information ,
Popular
CYBERSECURITY -
Update on Apache log4j and Kronos Security Incidents -
It was a crazy weekend for cyber-attacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and...more
12/17/2021
/ COPPA ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Information Technology ,
Ransomware ,
Vulnerability Assessments
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
12/17/2021
/ Cloud Computing ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Risk Management ,
Software ,
Vulnerability Assessments
The Division of Legislative Automated Systems, which provides IT services to the Virginia General Assembly (the Assembly), detected a ransomware attack on December 10, 2021, that included “extremely sophisticated malware”...more
12/16/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
General Assembly ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Virginia ,
Vulnerability Assessments
On December 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) updated a previously issued Alert entitled APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine...more
A new report issued by Sophos, The State of Ransomware in Education 2021, found that the education sector as a whole experienced a higher level of ransomware attacks than any other industry in 2020....more
12/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Educational Institutions ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Vulnerability Assessments
Researchers at Mandiant have recently reported that a new ransomware group calling itself Sabbath appears to be the rebranded group Arcane and “picked up their pace” in November....more
12/2/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Educational Institutions ,
Hackers ,
Health Care Providers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) and the FBI issued a joint Alert this week, entitled “Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends” outlining...more
11/24/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Holidays ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
November's "Patch Tuesday" Includes 55 Patches -
Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch...more
11/12/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Microsoft ,
Network Security ,
Personally Identifiable Information ,
Shopify ,
Vaccinations ,
Vulnerability Assessments
CYBERSECURITY -
FBI Warning: M&A Activity Targeted by Ransomware Groups -
The FBI issued a Private Industry Notification on November 2, 2021, warning companies that “ransomware actors are very likely using significant...more
11/5/2021
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Driverless Cars ,
Facebook ,
Facial Recognition Technology ,
FBI ,
Hackers ,
QR Codes ,
Ransomware ,
Vulnerability Assessments
The FBI issued a Private Industry Notification on November 2, 2021, warning companies that “ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim...more
11/5/2021
/ Corporate Sales Transactions ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
Hackers ,
Information Technology ,
Investment Opportunities ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Coveware recently issued its 2021 Q3 Ransomware blog article, which notes that ransomware attackers are “moving away from big game hunting” and are moving to the middle market. ...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
10/29/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Microsoft ,
Phishing Scams ,
Popular ,
Risk Management ,
SolarWinds ,
Supply Chain ,
Third-Party Service Provider ,
Vulnerability Assessments
Threat intelligence firm Mandiant released findings about a new Russian based hacking group dubbed FIN12, which is targeting the health care industry and companies with revenue over $300 million. Mandiant said that FIN12 is...more
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
If you think the Russians are only targeting U.S. companies and the defense industry, think again. The cyber war between Russia and the U.S. has escalated since the President threw down the gauntlet on Putin, and the...more
CYBERSECURITY -
Cyber Criminals Focusing on Clinics + Business Associates -
As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient...more
10/8/2021
/ Agribusiness ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Facebook ,
Farms ,
Google ,
Hackers ,
Instagram ,
Popular ,
Ransomware ,
Social Media ,
Vulnerability Assessments
Trucking company Forward Air revealed in a filing with the Securities and Exchange Commission that it suffered a ransomware attack in December 2020 (reportedly by Hades), which caused business disruption as it was forced to...more