As artificial intelligence, also known as “AI” becomes more of a household word, it is worth pointing out not only how cool it can be, but also how some uses raise privacy concerns....more
There are pros and cons to using a password manager. The biggest pro is that it is difficult to keep all of our passwords organized and safe. The biggest con is that if the password manager is compromised, and the master...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
10/20/2022
/ China ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Risk Alert ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
I recently ran across a Forbes article that I thought was spot-on, so I am sharing it with our readers. Entitled “5 Tips For How To Handle Consumer Privacy Concerns,” the article astutely points out that “In the age of...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
10/13/2022
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Microsoft ,
Risk Management ,
Risk Mitigation ,
Vulnerability Assessments
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money....more
9/29/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Deletion ,
Document Destruction ,
Hackers ,
Malware ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Cyber-Attack Disrupts Public Services in Fremont County, Colorado -
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity...more
8/26/2022
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Hackers ,
Information Technology ,
OCR ,
Oracle ,
Popular ,
Risk Management ,
Statutory Violations ,
Twitter ,
Vulnerability Assessments
This week, in addition to the news-catching, ongoing dispute between Twitter and Elon Musk, Twitter’s former head of cybersecurity, Peiter Zatko, claimed in a whistleblower filing with several federal agencies that Twitter...more
8/26/2022
/ Bots ,
Data Collection ,
Data Protection ,
Data Security ,
Elon Musk ,
Federal Trade Commission (FTC) ,
Government Investigations ,
Internet ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Social Media ,
Social Networks ,
Twitter ,
Vulnerability Assessments
Like all technology, mobile apps can be infected with malicious code, or malware, that is intended to gain access to your mobile phone when you download the app. Although app stores try their best to not allow malicious apps...more
The Cybersecurity & Infrastructure Security Agency (CISA) added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 23, 2022, due to active exploitation by cyber criminals. The vulnerabilities are a...more
The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more
5/12/2022
/ Biden Administration ,
China ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Information Technology ,
New Guidance ,
NIST ,
Popular ,
Risk Management ,
Russia ,
Software ,
Supply Chain ,
Vulnerability Assessments
I traveled this week by plane to a client to conduct a cybersecurity tabletop exercise—one of my favorite things to do (the tabletop, not the flying). -
To be able to use the wi-fi, everyone instructed in the gate area was...more
As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations...more
Unscrupulous criminals use crises to their advantage. Scammers are using the conflict in Ukraine to bilk money from people trying to help those impacted from the attacks....more
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn...more
4/21/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Military Conflict ,
Regulatory Agencies ,
Risk Management ,
Russia ,
Ukraine ,
Vulnerability Assessments
Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows Common...more
Scammers use familiarity to get victims to fall for their scams. One way to do that is to spoof a cell phone number from the same area code to make the targeted person think that the person calling or texting them is someone...more
Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber threat activity through APT41, which has been linked to China’s...more
Organizations often struggle with budgeting for cybersecurity risk and mitigation. It’s hard to see the return on investment for prevention of things that attack the company through the clouds....more
A joint Cybersecurity Advisory issued by U.S. and international partners, entitled “2021 Trends Show Increased Globalized Threat of Ransomware,” warns of “the growing international threat posed by ransomware over the past...more
Threat actors don’t wait for a convenient time to attack your company. They attack when it suits them, and when they can find any small opening. Being prepared for different types of attacks helps companies prepare for the...more
CYBERSECURITY -
CISA Warns “Every Organization” in U.S. to Assess + Respond to Cyber Risks -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the...more
1/28/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Drones ,
FERC ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Robots ,
Transmission Grid ,
Vulnerability Assessments
It’s very hard to keep up with digital and crypto lingo. But if you are dabbling in crypto, you need to know about rug pulls. What is a rug pull you ask? According to blogger Migi Delfin, “A rug pull is a fraud scheme that...more
1/28/2022
/ Bitcoin ,
Cryptocurrency ,
Digital Currency ,
Financial Crimes ,
Financial Fraud ,
Hackers ,
Risk Management ,
Smart Contracts ,
Token Sales ,
Virtual Currency ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over...more
1/27/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
New Guidance ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Russia ,
Ukraine ,
Vulnerability Assessments
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on....more
1/14/2022
/ China ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments