The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to prevent law enforcement from tracking payments....more
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of...more
The coronavirus—or COVID-19—has health care experts scrambling, and has caused global concern for health and well-being due to its rapid spread throughout many countries, including the United States....more
3/6/2020
/ China ,
Coronavirus/COVID-19 ,
Cyber Crimes ,
Data Breach ,
Fake Websites ,
Fraud ,
Infectious Diseases ,
Malware ,
Online Platforms ,
Personal Data ,
Personally Identifiable Information ,
Public Health ,
Scams ,
Social Media
A new study by Check Point Research shows that cyber criminals are using well-known brands to lure victims into clicking on nefarious links, providing personal information or credentials, or getting users to transfer money....more
2/14/2020
/ Apple ,
Brand ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Facebook ,
Google ,
Hackers ,
Malware ,
Microsoft ,
Netflix ,
PayPal ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Spotify ,
Vulnerability Assessments ,
Yahoo!
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/10/2020
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Manufacturing Facilities ,
Oil & Gas ,
Pipelines ,
Power Grid ,
Ransomware ,
Refineries ,
Risk Assessment ,
Risk Management ,
Vulnerability Assessments
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting...more
2/5/2020
/ China ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Infectious Diseases ,
Information Security ,
Malware ,
Personally Identifiable Information ,
Public Health ,
Vulnerable Victims ,
World Health Organization
It’s getting difficult to keep up with the jargon of all of the new digital scams. The SaaSes in the beginning became regular business terms, such as Software-as-a-Service (SaaS), and Business Processes-as-a-Service (BPaaS)....more
1/24/2020
/ Amazon Marketplace ,
Apple Pay ,
Compliance-as-a-Solution (CaaS) ,
Cyber Crimes ,
Data Management ,
Data Protection ,
Debit and Credit Card Transactions ,
Financial Transactions ,
Malware ,
Payment Processors ,
PayPal ,
Phishing Scams ,
SaaS ,
Scams ,
Vulnerability Assessments ,
Vulnerable Victims
Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity...more
1/10/2020
/ Assassinations ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Homeland Security (DHS) ,
Foreign Relations ,
Hackers ,
Information Technology ,
Iran ,
Malware ,
NYDFS ,
Risk Management ,
Risk Mitigation ,
Vulnerability Assessments
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedlybeen the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
If, like me, you travel a lot, listen up—the Los Angeles District Attorney’s Office has issued an advisory as part of its fraud education campaign warning travelers not to use free USB charging stations offered in airports,...more
11/22/2019
/ Airports ,
Cell Phones ,
Charging Stations ,
Fraud Alerts ,
Hackers ,
Hotels ,
Malware ,
Mobile Devices ,
Scams ,
Travel ,
Vulnerability Assessments ,
Wireless Technology
For those of you that have websites that process online payments (such as retail, hospitality, health care, entertainment and utilities), the Federal Bureau of Investigation (FBI) recently issued a warning about e-skimming...more
I have been hanging out a lot with Chief Information Officers (CIO) and Chief Information Security Officers (CISO) these days at speaking engagements and conferences, as October – National Cybersecurity month – is always...more
10/4/2019
/ Chief Information Security Officer (CISO) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Malware ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Spam
Spam is invading all aspects of our online life, and of late, even our online calendars. I hadn’t thought about embedded malware in calendar invites until I read an informative krebsonsecurity.com blog article this week. ...more
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two-year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card...more
7/29/2019
/ Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Email ,
Hackers ,
Health Care Providers ,
Iran ,
Malware ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
UPS
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two year silence. FIN8 is known for implementing malware on point of sale systems to steal credit card...more
Fireeye published research last week that it has identified a phishing campaign by APT34, which is known to be a hacking group out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn...more
Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to...more
7/12/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Microsoft ,
Network Security ,
Personally Identifiable Information ,
Risk Management ,
Security Standards ,
US-CERT ,
Vulnerability Assessments
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.”
That’s our experience, too. Below are our highlights from the...more
7/11/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Distributed Denial of Service ,
Employee Training ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Supply Chain
DHS Warns Businesses of Risk of Iranian-Backed Wiper Malware Attacks -
The tension with Iran has generally increased, and it has been reported that the U.S. has launched a cyber-attack against Iran. In retaliation, the risk...more
7/5/2019
/ Biometric Information ,
Canada ,
Closing a Business ,
Colleges ,
Connected Items ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Department of Homeland Security (DHS) ,
Drones ,
Educational Institutions ,
Information Technology ,
Internet of Things ,
Iran ,
Malware ,
Medical Devices ,
Personal Data ,
Pharmaceutical Industry ,
Popular ,
Universities
The tension with Iran has generally increased, it has been reported that the U.S. has launched a cyber-attack against Iran, and in retaliation, the risk of Iranian-backed wiper malware attacks against U.S. businesses and...more
7/3/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Hackers ,
Information Technology ,
Iran ,
Malware ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Vulnerability Assessments
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar....more
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
5/31/2019
/ Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Data Privacy ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Manufacturers ,
OCR ,
Personally Identifiable Information ,
Ransomware ,
Robocalling ,
Telemarketing