Latest Posts › Data Security

Share:

FTC Takes Action Against GoDaddy for Alleged Lax Data Security

The Federal Trade Commission (FTC) issued a proposed settlement order against GoDaddy alleging that it “has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting...more

Privacy Tip #426 – CyberArk Report Confirms Employees Bypass Cybersecurity Policies

CyberArk, an identity security provider, has issued a new report on employee risk that is a must-read for IT Professionals and executives. The report highlights several findings that are directly related to the risks...more

Rhysida Hits American Addiction Centers + Publishes 2.8TB of Data

American Addiction Centers (AAC) has notified 422,424 individuals that their personal information was stolen in a cyber-attack attributed to the Rhysida criminal organization. The incident was discovered on September 26,...more

Ascension Health Notifying 5.6 Million of Data Breach

We previously reported that Ascension Health detected a cyber-attack on May 8, 2024, that affected clinical operations in Ascension facilities in six states....more

Adobe Issues Patches for ColdFusion “High Severity” Vulnerability

Adobe recently issued a patch for a high-severity vulnerability for ColdFusion versions 2023.11 and 2021.17 and earlier; according to the National Institute of Standards and Technology  (NIST), “an attacker could exploit this...more

Joint Advisory Lists Top Routinely Exploited Vulnerabilities

On November 12, 2024, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency, along with its security partners in Australia, Canada, New Zealand, and the...more

The Impact of Stolen Credentials

This week, Schneider Electric confirmed that it is investigating a security incident involving its JIRA internal development platform. The attacker group, “Grep,” allege that it stole 40 GB of data from the JIRA platform by...more

Privacy Tip #419 – Apple Issues Security Updates

Apple product users—update your new Apple security patches now! Apple released security patches iOS 17.7.1 and iPadOS 17.7.1 on October 27, 2024, and patches to iOS 18.1 and iPadOS 18.1 on October 28, 2024, to address...more

CT AG Settles Data Breach Case with Guardian Analytics

Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more

Privacy Tip #415 – It’s National Cybersecurity Awareness Month!

October is always a busy month for cybersecurity professionals. For the past 21 years, October has been an especially busy month for me as it is Cybersecurity Awareness Month. This means lots of employee education and...more

Department of Commerce Takes Lead in Addressing Risks from Connected Car Technology

As a Rhode Islander, I am a big fan of our former Governor and now Secretary of Commerce, Gina Raimondo. She has always had her eye on the ball of the rapidly developing data privacy and cybersecurity risks and threats to...more

Privacy Tip #413 – NIST Releases Recommendation for Consumer Routers

The National Institute of Standards and Technology (NIST) has issued helpful recommendations for consumers to consider when securing home routers. The publication, issued on September 10, 2024, emphasizes how important it is...more

Russian Military Cyber Actors Targeting Critical Infrastructure Sector

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning...more

Privacy Tip #409 – HealthEquity Data Breach Affects 4.3 Million

HealthEquity, an administrator of workplace benefits for more than 15 million people, is notifying 4.3 million individuals, starting on August 9, 2024, that their personal information was compromised. The compromised data...more

CrowdStrike Customers Targeted by Threat Actors Using Fake Help Websites

If you are a customer of CrowdStrike, you are working on recovering from the outage that occurred on July 19, 2024. As if that isn’t enough disruption, CrowdStrike is warning customers that threat actors are taking advantage...more

Privacy Tip #406 – Rite Aid Discloses Data Breach

Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals. According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more

Rhode Island’s New Data Privacy Law

Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more

Halcyon Provides Intel on Volcano Demon Ransomware

Security research firm Halcyon recently reported that it “encountered” a new ransomware organization dubbed Volcano Demon several times in the past few weeks....more

Privacy Tip #405 – Compromised Passwords Continue to Provide Easy Opportunities for Threat Actors

Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more

Privacy Tip #404 – July is Military Consumer Month Helpful Tips for Those in Service + Thank You

July is Military Consumer Month. This month, we celebrate democracy and the past service of our veterans and those presently in service for protecting us and our democracy. Thank you so very much....more

HC3 Issues Threat Reports on Qilin + MoveIt

The Health Sector Cybersecurity Coordination Center (HC3) provides timely updates to the health care sector on cybersecurity threats and mitigation. In the last several weeks, HC3 has issued two alerts worth paying close...more

Commerce Department Bans Kaspersky Software in US

In the Biden Administration’s continuing effort to reduce the risk of cybersecurity spyware from foreign adversaries, including Russia, the United States Department of Commerce (Commerce) issued a final rule (Rule) on June...more

Black Basta Exploits Microsoft Zero-Day After Patch

It is being reported that Black Basta (aptly named) exploited a Microsoft zero-day prior to Microsoft’s release of a patch for the vulnerability back in March....more

Privacy Tip #402 – CISA Issues Alert About Impersonators

Impersonation schemes are on the rise, and artificial intelligence (including deep fakes and voice cloning) will only make these schemes more difficult to detect. Threat actors are emboldened, evidenced by the fact that...more

Data Privacy + Cybersecurity Insider - May 2024 #4

CYBERSECURITY - CISA Issues Advisory on Black Basta Ransomware - On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more

338 Results
 / 
View per page
Page: of 14

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide