Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to...more
8/20/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
There has been a flurry of reporting in the past few days on the T-Mobile customer data compromise, with allegations that the compromise affected up to 100 million customers. ...more
8/19/2021
/ Cell Phones ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Personally Identifiable Information ,
Popular ,
T-Mobile ,
Telecommunications
Mandiant, a division of FireEye, has reported that it has discovered a vulnerability in a software protocol that enables hackers to gain access to audio and visual data on smart devices including baby monitors and web...more
8/19/2021
/ Baby Products ,
Connected Items ,
Data Privacy ,
Hackers ,
Information Security ,
Information Technology ,
Internet of Things ,
Popular ,
Risk Management ,
Smart Devices ,
Software ,
Vulnerability Assessments
CYBERSECURITY -
Cryptoheister(s) Return Stolen Booty -
Cryptocurrency platform Poly Network, which allows users to swap different types of digital tokens, was the victim of a cryptoheist that resulted in the thief...more
8/13/2021
/ Agribusiness ,
COPPA ,
Cryptocurrency ,
Cyber Crimes ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Federal Trade Commission (FTC) ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Ransomware
CYBERSECURITY -
Extortion Doesn’t Work for EA Sports Hackers -
According to The Record, Electronic Arts Sports (EA) was the victim of a cyber hacking in June, when hackers posted on an underground hacking forum that they...more
8/6/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybertheft ,
Dark Web ,
Data Breach ,
Drones ,
Electronic Arts ,
Electronic Protected Health Information (ePHI) ,
Extortion ,
Hackers ,
Microsoft ,
OCR ,
Phishing Scams ,
Popular ,
Proposed Legislation ,
Source Code
According to The Record, Electronic Arts Sports (EA) was the victim of a cyber hacking in June, when hackers posted on an underground hacking forum that they were in possession of EA data seeking a sale price of $28 million....more
8/6/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybertheft ,
Dark Web ,
Data Breach ,
Electronic Arts ,
Extortion ,
Gaming ,
Hackers ,
Popular ,
Source Code
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
8/4/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
CISA Issues Alert on Top Exploited Vulnerabilities -
On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited...more
7/30/2021
/ Apple ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Malware ,
Popular ,
Vulnerability Assessments
Earlier this week, Apple issued another patch—this one is said to address a reported vulnerability that “an application may be able to execute arbitrary code with kernel privileges.” According to Apple, it “is aware of a...more
Security researchers from Avast have discovered that “Crackonosh” malware has been installed on free versions of some popular online games for the purpose of cryptomining. It is believed to be sourced from a Czech author....more
On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited Vulnerabilities” in collaboration with the Australian Cyber Security Centre, the...more
The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021, following the Colonial Pipeline cybersecurity incident. ...more
On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event...more
7/22/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Denial of Service Attacks ,
Digital Service Providers ,
Events ,
FBI ,
Hackers ,
Olympics ,
Popular ,
Ransomware ,
Risk Management ,
Sports ,
Vulnerability Assessments
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
7/16/2021
/ Anti-Money Laundering ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Enforcement Guidance ,
Hackers ,
Information Technology ,
Money Laundering ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Reform ,
Risk Management ,
Virtual Currency
In a rare move, the Department of Health and Human Services (HHS) has issued a warning to hospitals and health systems to prioritize the patching of a two-year-old vulnerability in picture archive communication systems...more
7/9/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Hackers ,
Health Care Providers ,
Hospitals ,
Popular ,
Risk Management ,
Security Risk Assessments ,
Vulnerability Assessments
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
CYBERSECURITY -
Law Enforcement Takes Down DoubleVPN -
I love seeing another win for law enforcement in the cyber context. Servers and web domains owned by DoubleVPN, a virtual private network, were seized recently...more
7/2/2021
/ Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Microsoft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Scams ,
Volkswagen
Maximus, a contractor of the State of Ohio’s Medicaid program reported this week that it experienced a data breach that exposed Medicaid health providers’ names, dates of birth, Social Security numbers, addresses, and other...more
Reproductive Biology Associates, LLC (RBA) and its affiliate, MyEggBank, notified approximately 38,000 patients that a data breach involving a ransomware attack had exposed the patients’ full names, addresses, Social Security...more
6/24/2021
/ Clinical Laboratory Testing ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Fertility Treatments ,
Hackers ,
Health Care Providers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware
CYBERSECURITY -
Another Win for Justice Department: Slilpp Marketplace Takedown -
People always ask me if law enforcement is having any luck in combatting cyber criminals. Let me be clear: it is a very tough job to take...more
6/18/2021
/ Ancestry.com ,
Beyond Visual Line Of Sight (BVLOS) ,
Car Rentals ,
Computer Fraud and Abuse Act (CFAA) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Drones ,
Enforcement Actions ,
Federal Aviation Administration (FAA) ,
Hackers ,
Popular ,
Ransomware ,
SCOTUS ,
Van Buren v United States
Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and Cyber Command this week urged users of VMware to update and...more
After the attacks on JBS and Colonial Pipeline, the U.S. Treasury Department will likely consider increasing its enforcement of anti-money-laundering laws and adopt new reporting requirements for cryptocurrency transactions....more
6/11/2021
/ Anti-Money Laundering ,
Banking Sector ,
Crypto Exchanges ,
Cryptocurrency ,
Digital Currency ,
Digital Wallets ,
Financial Transactions ,
Money Laundering ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Regulatory Oversight ,
Rulemaking Process ,
U.S. Treasury
Since the Colonial Pipeline and JBS meat manufacturing security incidents, attention is finally being paid to the cybersecurity vulnerabilities of critical infrastructure in the U.S. and in particular, the potential effect on...more
When I conduct employee education sessions on data privacy and cybersecurity, I am often surprised that employees are unaware that their employers are legally able to monitor their use of company assets, and that employers...more
CYBERSECURITY -
Tulsa, OK Refuses to Pay Ransom to Attackers -
The City of Tulsa, Oklahoma, announced on May 9, 2021, that it had been hit with a ransomware attack, but the Mayor is resolute in not paying the demanded...more