On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an Alert outlining multiple Common Vulnerabilities and Exposures...more
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more
12/23/2021
/ Data Breach ,
Data Privacy ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Email ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Violations ,
OCR ,
Penalties ,
PHI ,
Phishing Scams ,
Policies and Procedures ,
State Attorneys General
If you think the Russians are only targeting U.S. companies and the defense industry, think again. The cyber war between Russia and the U.S. has escalated since the President threw down the gauntlet on Putin, and the...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
8/4/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System -
The United States Government Accountability Office (GAO) recently completed and published a study on electricity...more
4/2/2021
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Email ,
FBI ,
GAO ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infrastructure ,
OCR ,
Personal Data ,
Personally Identifiable Information ,
Right of Access ,
Vulnerability Assessments ,
Wal-Mart
State and local governments have been hammered with business email compromise (BEC) attacks over the past few years and the onslaught does not appear to be abating....more
Criminals use current events to launch new schemes designed to prey on victims’ vulnerabilities or fears. Throughout the pandemic, criminals have used fear of COVID-19, or the anticipation of a cure or a vaccine, to lure...more
3/26/2021
/ AstraZeneca ,
Coronavirus/COVID-19 ,
Email ,
Federal Trade Commission (FTC) ,
Fraud ,
Infectious Diseases ,
Moderna Inc. ,
Pfizer ,
Pharmaceutical Industry ,
Scams ,
Surveys ,
Vaccinations
Cyber criminals are taking advantage of the increase in online holiday shopping due to the pandemic. They know people are buying gifts online and sending the packages to the recipients. Often, the recipients do not know they...more
Just as ending a relationship with an email or a text message is bad form, employers don’t usually terminate employees with an email. Nonetheless, since a message that appears to address a termination is so drastic and final,...more
Although email seems to be the preferred method of communication during the coronavirus pandemic, an error made by a City of Los Angeles employee is one to learn from and avoid repeat....more
Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in...more
2/18/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion -
Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
2/14/2020
/ Bitcoin ,
Brand ,
California Consumer Privacy Act (CCPA) ,
China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Wallets ,
Drones ,
Email ,
Emergency Response ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Legislative Agendas ,
Medical Devices ,
Personal Data ,
Personally Identifiable Information ,
Phishing Scams ,
Proposed Legislation ,
Regulatory Requirements ,
Risk Mitigation ,
Rulemaking Process ,
State Attorneys General ,
Threat Management ,
Unmanned Aircraft Systems ,
Vulnerability Assessments
A new study by Check Point Research shows that cyber criminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money....more
2/14/2020
/ Apple ,
Brand ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Facebook ,
Google ,
Hackers ,
Malware ,
Microsoft ,
Netflix ,
PayPal ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Spotify ,
Vulnerability Assessments ,
Yahoo!
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two-year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card...more
7/29/2019
/ Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Email ,
Hackers ,
Health Care Providers ,
Iran ,
Malware ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
UPS
The United States Treasury Department came out with a report last week that concludes that business email compromises (BEC) are costing U.S. companies more than $301 million per month. The report confirms that the two...more
7/25/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Email ,
Hackers ,
Manufacturers ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management
It is not unusual for lawyers to send emails to individuals and businesses they are about to sue to engage them before they do file suit to see if a settlement can be discussed or reached. ...more
The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
4/19/2019
/ Cookies ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Email ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams
On April 14, 2019, Microsoft alerted some account owners that Microsoft Outlook and Hotmail email addresses had been compromised over a three-month period....more
The Oregon Department of Human Services (DHS) announced late last week that nine of its staff members had fallen victim to a phishing campaign and that their email boxes were compromised on January 8, 2019....more
We predicted last year that hackers would become more malicious in the future, not only stealing and selling data for nefarious purposes, but actually destroying data and even systems. That reality hit email provider VFEmail...more
2/25/2019
/ Biometric Information ,
Computer Servers ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Mining ,
Data Privacy ,
Digital Assets ,
Email ,
Hackers ,
Healthcare ,
HIPAA Breach ,
NASA ,
OCR ,
Privacy Settings ,
Video Games
We predicted last year that hackers would become more malicious in the future, not only stealing and selling data for nefarious purposes, but actually destroying data and even systems. ...more
The Internal Revenue Service (IRS) has issued a warning to consumers about an email that looks like it is from “IRS Online.” The email is designed to get the recipient to click on an attachment that is labeled “Tax Account...more
Phishing campaigns continue to be one of the most successful ways for malicious intruders to access company information, including personal information of employees and customers. Phishing emails continue to get more and more...more
This week the Securities and Exchange Commission (SEC) issued an investigative report that outlined cyber incidents that nine public companies had experienced, causing fraudulent losses totaling more than $100 million. The...more
10/22/2018
/ Anthem Insurance ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Email ,
Facebook ,
Federal Trade Commission (FTC) ,
Hackers ,
Healthcare ,
HIPAA Breach ,
Internal Controls ,
Microsoft ,
New Legislation ,
OCR ,
Personally Identifiable Information ,
Popular ,
Securities and Exchange Commission (SEC) ,
Social Media ,
State and Local Government ,
Surveillance
Many companies are migrating their email systems to Microsoft Office 365 (O365). The majority of security incidents that we have been involved in over the past six months involve a hacker successfully phishing an employee of...more