In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies.
The rules, which will become effective thirty days after publication in...more
7/28/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Regulatory Reform ,
Required Forms ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
CYBERSECURITY -
Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP -
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
7/24/2023
/ Adobe ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
EU ,
Hackers ,
Machine Learning ,
Vulnerability Assessments
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that can lead to a security...more
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched...more
7/10/2023
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Information Technology ,
Risk Mitigation ,
Vulnerability Assessments
Nevada Governor Joe Lombardo recently signed into law a sweeping and restrictive consumer health data privacy law that requires covered entities (defined as any person who conducts business in the state or produces or...more
7/10/2023
/ Consumer Privacy Rights ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Healthcare ,
Nevada ,
New Legislation ,
Personal Data ,
State Data Privacy Laws
CYBERSECURITY -
Joint Advisory on MOVEit Transfer Vulnerability Published -
CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The...more
CYBERSECURITY -
Clop Claims Zero-Day Attacks Against 130 Organizations -
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in...more
3/31/2023
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Hackers ,
Ransomware ,
Russia
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more
3/30/2023
/ Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Fines ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Legal Representatives ,
New York ,
PHI ,
State Attorneys General
CYBERSECURITY FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MSISAC) recently released a joint cybersecurity advisory, warning organizations about...more
3/24/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
TikTok ,
Vulnerability Assessments
CYBERSECURITY -
World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak -
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
2/9/2023
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Hackers ,
Information Technology ,
Popular ,
Social Engineering ,
Vulnerability Assessments
Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global Cybersecurity Outlook 23 Insight Report (published in collaboration with Accenture), although...more
2/3/2023
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
Risk Mitigation ,
Vulnerability Assessments ,
World Economic Forum
DATA PRIVACY -
Businesses Struggle to Comply with CPRA without Final Regulations -
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t...more
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly- created body with...more
11/10/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
10/13/2022
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Microsoft ,
Risk Management ,
Risk Mitigation ,
Vulnerability Assessments
CYBERSECURITY -
FBI Issues Notice to Health Industry Highlighting Risks of Unpatched Medical Devices -
The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning...more
9/19/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
FBI ,
Hackers ,
Identity Theft ,
Online Safety for Children ,
Personally Identifiable Information ,
Vulnerability Assessments
This week, in addition to the news-catching, ongoing dispute between Twitter and Elon Musk, Twitter’s former head of cybersecurity, Peiter Zatko, claimed in a whistleblower filing with several federal agencies that Twitter...more
8/26/2022
/ Bots ,
Data Collection ,
Data Protection ,
Data Security ,
Elon Musk ,
Federal Trade Commission (FTC) ,
Government Investigations ,
Internet ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Social Media ,
Social Networks ,
Twitter ,
Vulnerability Assessments
Although the U.S. Chamber of Commerce (the Chamber) “strongly urges Congress to pass durable, bipartisan national privacy legislation that protects all Americans equally,” it will “strongly oppose legislation that fails to...more
CYBERSECURITY -
Okta Notifies Customers of LAPSUS$ Attack -
Okta, which markets itself as a “leading provider of identity” in the health care, public sector, energy, financial services, technology, travel and hospitality,...more
3/25/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
FBI ,
NIST ,
PHI ,
Popular ,
State Data Breach Notification Statutes
CYBERSECURITY -
Chinese APT41 Attacking State Networks -
Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber...more
3/11/2022
/ China ,
COPPA ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Elder Abuse ,
Hackers ,
Identity Theft ,
Information Technology ,
Military Conflict ,
Online Safety for Children ,
Russia ,
Ukraine
CYBERSECURITY -
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine -
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
3/4/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Blocking Rules ,
Malware ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Russia ,
T-Mobile ,
Ukraine ,
Vulnerability Assessments
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of destructive malware that is being used to target organizations in Ukraine, with the ongoing...more
3/4/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Malware ,
Military Conflict ,
Russia ,
Ukraine ,
Vulnerability Assessments
CYBERSECURITY -
Coveware 2021 Q4 Ransomware Report Issued -
Coveware issued its 2021 Q4 Ransomware Report on February 1, 2022. The report stated that although average and median ransom payments increased...more
2/11/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Online Safety for Children ,
Personally Identifiable Information ,
Ransomware
Threat actors don’t wait for a convenient time to attack your company. They attack when it suits them, and when they can find any small opening. Being prepared for different types of attacks helps companies prepare for the...more
CYBERSECURITY -
ECRI Names Cybersecurity Attacks as Top Health Technology Hazard for 2022 -
ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device...more
1/21/2022
/ Automation Systems ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Theft ,
FBI ,
Hackers ,
Health Care Providers ,
Japan ,
Malware ,
Popular ,
QR Codes ,
Vessels ,
Vulnerability Assessments
Passwords are so difficult to remember. We all know we shouldn’t use the same or similar passwords across platforms. Stolen password credentials are dumped on the dark web and criminals use the stolen passwords to steal other...more
1/20/2022
/ Cyber Attacks ,
Cybersecurity ,
Darknet ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Identity Theft ,
Malware ,
Passwords ,
Personally Identifiable Information ,
Vulnerability Assessments