CYBERSECURITY -
NSA Issues New Warning About Four Critical Patches to Microsoft Exchange Servers -
The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in...more
4/23/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Facebook Inc v Duguid ,
Hackers ,
National Security Agency (NSA) ,
NBA ,
NYDFS ,
Personally Identifiable Information ,
Ransomware ,
SCOTUS
The United States government, states, municipalities, and private companies all have been trying to defend themselves from cyber warfare from foreign adversarial governments, including Russia, China, and North Korea, for...more
4/23/2021
/ Biden Administration ,
China ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Russia ,
SolarWinds
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recently released a free tool that will assist organizations with identifying indicators of compromise following threat activity in...more
CYBERSECURITY -
Ironic Justice: WeLeakInfo Users’ Information Compromised -
In the category of “you can’t make this up, but satisfyingly ironic,” it was recently reported that criminals who used the WeLeakInfo database...more
3/19/2021
/ California Consumer Privacy Act (CCPA) ,
Credit Reports ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Drones ,
Form 8-K ,
Hackers ,
Molson Coors
Cyber-hygiene and prevention are sometimes hard to fit in when there are so many vulnerabilities, zero-day attacks and third-party incidents that keep us busy every day....more
Although somewhat obvious, the World Economic Forum, in partnership with Marsh McLennan, SK Group and Zurich Insurance Group, recently issued its 16th edition of the Global Risks Report (the Report), which analyzes “the risks...more
On the heels of the concerning security incident experienced by FireEye, during the investigation of its own incident, FireEye discovered that multiple updates issued by SolarWinds, a cybersecurity firm that many governmental...more
According to Cybersecurity Ventures, cybercrime is the fastest growing crime in the U.S., with damages expected to reach $6 trillion globally by 2021. Therefore, it is axiomatic that C-Suites continue to address the risk...more
Campari, the Italian drinks company, recently announced that it was hit with a cyber attack that encrypted its data and potentially exfiltrated some data....more
Although the Presidential race is unconfirmed at the time of this writing, there are several data privacy and security laws to put on your radar following the election this week....more
11/6/2020
/ Ballot Measures ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Electronic Data Transmissions ,
Facial Recognition Technology ,
Personal Data ,
Referendums
It is no longer a matter of if, but when companies that suffer a data breach will be sued in a class action lawsuit following a data breach. Many of those data breach cases get dismissed, as it is difficult for consumers to...more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
10/23/2020
/ Bring Your Own Device (BYOD) ,
Coronavirus/COVID-19 ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Infectious Diseases ,
Information Technology ,
Multi-Factor Authentication ,
Popular ,
Remote Working ,
Risk Management ,
Telecommuting ,
Vulnerability Assessments
Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more
10/9/2020
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Security ,
Health Insurance ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI ,
Premera Blue Cross ,
Settlement Agreements
CYBERSECURITY -
U.S. Organizations Doing Business in China Warned of Malware in Tax Software -
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint...more
8/28/2020
/ ALEXA ,
Amazon Echo ,
Audits ,
Automatic License Plate Readers ,
Connected Cars ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Financial Industry Regulatory Authority (FINRA) ,
Location Data ,
Malware ,
Motor Vehicles ,
Personal Assistants ,
Personally Identifiable Information ,
Popular ,
Scams ,
Websites ,
Zoom®
I continue to be quite surprised at the lack of understanding that people have about personal assistants such as Alexa and Echo. It seems logical to me that when you yell out “Alexa, turn on the lights!”...more
8/28/2020
/ ALEXA ,
Amazon Echo ,
Connected Items ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Internet of Things ,
Oral Communications ,
Personal Assistants ,
Privacy Concerns
CYBERSECURITY -
Connecticut Insurance Department Reminds Licensees to Comply with Data Security Law -
On July 20, 2020, the Connecticut Insurance Department issued a bulletin to licensees reminding them that the Connecticut...more
I have never been a fan of TikTok. In general, I do not trust any Chinese technology companies because of the influence and requirements the Chinese government wields over them....more
8/7/2020
/ Biometric Information ,
China ,
Data Collection ,
Data Security ,
Facial Recognition Technology ,
Foreign Relations ,
Legislative Agendas ,
Mobile Apps ,
Personally Identifiable Information ,
Social Media ,
TikTok ,
Trump Administration
On July 20, 2020, the Connecticut Insurance Department issued a bulletin to licensees reminding them that the Connecticut Insurance Data Security Law (“Act”) becomes effective on October 1, 2020 and providing guidance on...more
This week, I received a breach notification letter from a large financial institution stating that my personal information, including my name, Social Security number, account name and number, contact information, date of...more
As you know, I very rarely download mobile apps. Except for a multi-factor authentication app, and of course, the Jumbo privacy app....more
6/12/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Mobile App Privacy Guidelines ,
Personally Identifiable Information
After incidents of Zoom “bombing,” including a recent intrusion by hackers to disrupt a church service with foul content (don’t these guys have better things to do?), it has been reported that hackers are now taking advantage...more
Adult Streaming Site Leaves 7TB of Users’ Information Unsecured -
Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft...more
5/11/2020
/ California Consumer Privacy Act (CCPA) ,
Charitable Organizations ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Hackers ,
Health Care Providers ,
OCR ,
Personally Identifiable Information ,
Scams
ExecuPharm Data Stolen in Ransomware Attack Published on Internet -
In a growing trend, pharmaceutical company ExecuPharm became the victim of a ransomware attack on March 13, 2020, by the CLOP ransomware group, which...more
I always enjoy hosting and participating in the CISO Executive Network meetings. The meetings offer Chief Information Security Officers (CISOs) the opportunity to discuss together ways they can improve security in their...more
Sodinokibi Hackers Switch Payment Mechanism to Monero -
The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to...more
4/19/2020
/ Bitcoin ,
CARES Act ,
Coronavirus/COVID-19 ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Financial Stimulus ,
Hackers ,
INTERPOL ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Mitigation ,
Scams