The Internet Society’s Online Trust Alliance just released its "2018 Cyber Incident & Breach Trends Report," which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Here are the highlights from the...more
7/12/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Identity Theft ,
Income Taxes ,
Microsoft ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Budgets ,
Tax Fraud ,
Tax Preparers ,
Uniform Law Commission (ULC) ,
Vulnerability Assessments
Section 230 of the Connecticut budget bill is called the “Insurance Data Security Law” and becomes effective October 1, 2019. It requires any insurance licensee, (anyone who is authorized or licensed and subject to the...more
This week, I was honored to again have the opportunity to participate as a speaker at the Internal Revenue Service’s Nationwide Tax Forum 2019 in Washington, D.C. Through a generous grant provided by the American Coalition...more
7/12/2019
/ Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Theft ,
Financial Services Industry ,
Identity Theft ,
Income Taxes ,
IRS ,
Personally Identifiable Information ,
Popular ,
Risk Mitigation ,
Tax Fraud ,
Tax Preparers
Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to...more
7/12/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Microsoft ,
Network Security ,
Personally Identifiable Information ,
Risk Management ,
Security Standards ,
US-CERT ,
Vulnerability Assessments
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.”
That’s our experience, too. Below are our highlights from the...more
7/11/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Distributed Denial of Service ,
Employee Training ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Supply Chain
DHS Warns Businesses of Risk of Iranian-Backed Wiper Malware Attacks -
The tension with Iran has generally increased, and it has been reported that the U.S. has launched a cyber-attack against Iran. In retaliation, the risk...more
7/5/2019
/ Biometric Information ,
Canada ,
Closing a Business ,
Colleges ,
Connected Items ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Department of Homeland Security (DHS) ,
Drones ,
Educational Institutions ,
Information Technology ,
Internet of Things ,
Iran ,
Malware ,
Medical Devices ,
Personal Data ,
Pharmaceutical Industry ,
Popular ,
Universities
We only have one unique face, two irises and ten fingerprints. We can’t change our biometrics like we can a credit card number. Yet many companies are collecting and using their employees’ and our biometric information for...more
In my 25 years in the data privacy and cybersecurity profession, this is the first time that I believe a medical device has been recalled because of a cybersecurity risk. This week, Medtronic recalled its 508 Insulin pumps...more
The tension with Iran has generally increased, it has been reported that the U.S. has launched a cyber-attack against Iran, and in retaliation, the risk of Iranian-backed wiper malware attacks against U.S. businesses and...more
7/3/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Hackers ,
Information Technology ,
Iran ,
Malware ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Vulnerability Assessments
Security researchers have warned municipalities repeatedly about how they are being targeted with ransomware, that they are at high risk, and the need to make data security a high priority.
Please see full Publication blow...more
6/28/2019
/ Credit Monitoring ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Hackers ,
Identity Theft ,
Military Service Members ,
Mobile Apps ,
Mobile Device Management ,
Municipalities ,
National Guard ,
Popular ,
Ransomware
Part of the 2018 Economic Growth, Regulatory Relief, and Consumer Protection Act (which amended the Fair Credit Reporting Act) included a provision requiring credit reporting agencies (CRAs) to provide free electronic credit...more
While we have been talking about the very important message of educating employees about data security, I find that giving employees tips about their personal data security keeps them interested and engaged during education...more
6/28/2019
/ Bring Your Own Device (BYOD) ,
Cell Phones ,
Confidential Information ,
Data-Sharing ,
Information Technology ,
Location Privacy ,
Mobile Apps ,
Mobile Device Management ,
Mobile Devices ,
Mobile Privacy ,
Personal Data ,
Privacy Concerns ,
Proprietary Information ,
Risk Management ,
Vulnerability Assessments
Security researchers have warned municipalities repeatedly about how they are being targeted with ransomware, that they are at high risk, and the need to make data security a high priority....more
6/28/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Municipalities ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The attackers behind the vicious ransomware known as GandCrab have made their money (loosely estimated at over $2 billion) and are retiring. Most of us work for a living and then retire, but these guys steal money to retire....more
6/21/2019
/ Anthem Insurance ,
Customs and Border Protection ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Debit Cards ,
Dominos ,
Driverless Cars ,
Exploitation ,
FBI ,
Hackers ,
NFL ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Ransomware ,
Super Bowl
We all have been trained to look at website addresses with a critical eye to make sure they have “https,” as those websites are supposed to be secure. The “s” at the end signifies to us that it is secure. The lock at the...more
The United States Customs and Border Patrol (CBP) admitted last week that personal information that it collected from travelers crossing the U.S. borders was exposed in a “malicious cyber-attack” against one of its vendors....more
The attackers behind the vicious ransomware known as GandCrab have made their money (loosely estimated at over $2 billion) and are retiring. Most of us work for a living and then retire, but these guys steal money to retire....more
If you use Evite for e-invitations or social planning purposes, be aware that it announced last week that the account information for up to 10 million users has been compromised and is for sale on the Dark Web....more
Protection of industrial control systems is crucial to the security of our country. The National Cybersecurity Center of Excellence (NCCoE) has announced a project for which it is seeking comment: Detecting and Protecting...more
6/17/2019
/ Amazon Marketplace ,
Capital Raising ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Drones ,
Enforcement Actions ,
Federal Aviation Administration (FAA) ,
Industrial Space ,
Initial Coin Offering (ICOs) ,
Manufacturing Facilities ,
Microsoft ,
Mobile Apps ,
National Security Agency (NSA) ,
Part 107 ,
Personal Data ,
Popular ,
Quest Diagnostics ,
Securities and Exchange Commission (SEC) ,
Securities Violations ,
Social Media ,
Unregistered Securities ,
Waivers ,
Wellness Programs
Protection of industrial control systems is crucial to the security of our country. The National Cybersecurity Center of Excellence (NCCoE) has announced a project for which it is seeking comment: Detecting and Protecting...more
In a contentious move, the Securities and Exchange Commission (SEC) recently sued Kik Interactive Inc. for its Initial Coin Offering of $100 million, alleging it violated securities laws by not registering the offering with...more
Last week, we wrote that Quest Diagnostics reported in a security filing that a collection agency performing collections for the company had suffered an intrusion that exposed almost 12 million individuals’ personal and...more
Many individuals and not-for-profit organizations, including those in the health care industry, believe that they do not have the resources to update to the newest versions of software. However, the newest versions are...more
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
Summer vacation is almost here for school-age children, which means that kids will have more free time to roam the Internet. Unfortunately, according to the FBI, this means that the threat of online predators is high and the...more