Latest Posts › Information Technology

Share:

SEC Hits SolarWinds and CISO with Investor Fraud Suit Over Cybersecurity

In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more

NYAG Settles with Personal Touch for $350,000 over Phishing Incident

According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021...more

Resilience Midyear 2023 Claims Report: Ransomware Cybercriminals Shift Tactics

Resilience issued its Midyear 2023 Claims Report, which is well worth the read. In addition to commenting on the impact of the MOVEit incident, some of the key findings include...more

Urgent Joint Cybersecurity Advisory on Atlassian Vulnerability Issued

The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515. According to the Alert, “this critical vulnerability...more

HC3 Warns Healthcare Organizations of NoEscape Ransomware

On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more

CISA + FBI Issue Joint Advisory on AvosLocker Ransomware

The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more

Privacy Tip #373 – If you Use Windows Copilot —Configuration Update Issued by Microsoft This Week

On September 26, 2023, Windows released a configuration update on Windows 11 version 22H2  (all editions) that is worth reading and applying, particularly if you use Windows Copilot....more

Joint Advisory Warns of Snatch Ransomware

The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more

Joint Commission Issues Alert on Patient Safety After a Cyber-Attack

On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,” which provides “tips on what organizations can do to prepare to deliver safe patient care in the...more

Seven States Have Upcoming Privacy Laws

State privacy laws are changing rapidly in the U.S. Here are summaries of seven new state laws that have been enacted and go into effect in the next few years. We anticipate that more state legislatures will continue to enact...more

CISA Issues Two Industrial Control Systems Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more

CISA Issues 2022 Top Routinely Exploited Vulnerabilities

In its continued effort to keep industry apprised of threats facing companies in the U.S., CISA recently issued a Cybersecurity Advisory: 2022 Top Routinely Exploited Vulnerabilities that is helpful to get up to speed on top...more

Data Privacy + Cybersecurity Insider - July 2023 - #3

CYBERSECURITY - SEC Adopts New Cybersecurity Rules for Public Companies - In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public...more

Privacy Tip #367 – Update your Apple Operating System to 16.6 NOW

On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors...more

Unpatched Fortinet Vulnerability Being Exploited by Threat Actors

According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors using the unpatched...more

Joint Advisory on MOVEit Transfer Vulnerability Published

CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection...more

CISA Issues Three Advisories for Industrial Control Systems

On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more

Ransomware Group Uses Communication System of University

Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes....more

Privacy Tip #362 – Looking for a Professional Path? Consider Artificial Intelligence

Not a moment goes by without receiving a new alert of some sort about artificial intelligence (AI). The proliferation of articles and comments about AI is astounding. It is a hot topic to say the least....more

FIN7/Carbon Spider Attacks Veeam Backup Servers

Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more

Clop Claims Zero-Day Attacks Against 130 Organizations

Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing...more

FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware

The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more

Data Privacy + Cybersecurity Insider - February 2023

CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more

FCC Bans Import of Chinese Technology

The Federal Communications Commission (FCC) will categorically ban devices over national security concerns for the first time in history. Per a new order, the FCC will prohibit the import and sale of devices produced by...more

Beware of Luna Moth Callback Phishing Scam

Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new phishing scam that is unique and successful. The scam is believed to be carried out by the Luna Moth/Silent Ransom Group and is targeting...more

291 Results
 / 
View per page
Page: of 12

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide