The National Institute of Standards and Technology (NIST) has issued helpful recommendations for consumers to consider when securing home routers. The publication, issued on September 10, 2024, emphasizes how important it is...more
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning...more
HealthEquity, an administrator of workplace benefits for more than 15 million people, is notifying 4.3 million individuals, starting on August 9, 2024, that their personal information was compromised. The compromised data...more
If you are a customer of CrowdStrike, you are working on recovering from the outage that occurred on July 19, 2024. As if that isn’t enough disruption, CrowdStrike is warning customers that threat actors are taking advantage...more
7/25/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Infrastructure ,
Internet ,
Phishing Scams ,
Risk Management ,
Websites
Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals.
According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
7/12/2024
/ Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Notification Requirements ,
Personal Data ,
Privacy Policy ,
Rhode Island ,
State Privacy Laws
Security research firm Halcyon recently reported that it “encountered” a new ransomware organization dubbed Volcano Demon several times in the past few weeks....more
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more
July is Military Consumer Month. This month, we celebrate democracy and the past service of our veterans and those presently in service for protecting us and our democracy. Thank you so very much....more
The Health Sector Cybersecurity Coordination Center (HC3) provides timely updates to the health care sector on cybersecurity threats and mitigation. In the last several weeks, HC3 has issued two alerts worth paying close...more
In the Biden Administration’s continuing effort to reduce the risk of cybersecurity spyware from foreign adversaries, including Russia, the United States Department of Commerce (Commerce) issued a final rule (Rule) on June...more
It is being reported that Black Basta (aptly named) exploited a Microsoft zero-day prior to Microsoft’s release of a patch for the vulnerability back in March....more
Impersonation schemes are on the rise, and artificial intelligence (including deep fakes and voice cloning) will only make these schemes more difficult to detect.
Threat actors are emboldened, evidenced by the fact that...more
CYBERSECURITY -
CISA Issues Advisory on Black Basta Ransomware -
On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more
5/17/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Security ,
NIST ,
Ransomware ,
Risk Mitigation
On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that have targeted over 500 private industry and critical infrastructure...more
CYBERSECURITY -
Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks -
The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
5/13/2024
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
Snapchat ,
Surveillance ,
TikTok
CYBERSECURITY -
Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks -
The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
5/10/2024
/ Consumer Privacy Rights ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Personal Data ,
Personally Identifiable Information ,
Social Media
Cyber adversaries in China and Russia continue to be a formidable threat to U.S. based companies. In the past, scams might be detected because a word was misspelled or the context didn’t make sense. Now, with the help of...more
CYBERSECURITY
HC3 Warns Health Sector About Social Engineering Attacks Against IT Help Desks -
The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing...more
4/12/2024
/ California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Information Technology ,
Risk Management
The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access...more
CYBERSECURITY -
Patch, Patch, Patch: Updates for Fortinet, Microsoft, and Adobe Products -
Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky....more
CYBERSECURITY -
HC3 Warns Healthcare Organizations about Akira Ransomware Group -
The Health Sector Cybersecurity Coordination Center (HC3) recently warned the health care sector about the Akira ransomware group that...more
2/21/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Personal Data ,
Ransomware ,
Scams ,
USPTO ,
Vulnerability Assessments
Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been...more
CYBERSECURITY CISOs:
New Report Outlines Risks of LLMs -
I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
2/2/2024
/ Artificial Intelligence ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Mercedes-Benz ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/31/2024
/ Baby Boomers ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Generation Z ,
Location Data ,
Personally Identifiable Information ,
Vulnerability Assessments