The Cybersecurity & Infrastructure Security Agency (CISA), jointly with the FBI and NSA, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, especially critical infrastructure operators, to be on...more
1/14/2022
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
National Security Agency (NSA) ,
Risk Management ,
Russia ,
Vulnerability Assessments
In what I would describe as an unusual but interesting move by the Federal Trade Commission (FTC), on January 4, 2022, it issued a warning to companies “to remediate Log4j security vulnerability” or face an enforcement action...more
It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on...more
12/17/2021
/ Cloud Computing ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Risk Management ,
Software ,
Vulnerability Assessments
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued guidance on protecting the security of organizations’ social media accounts to reduce the risk of unauthorized access to those accounts....more
On December 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) updated a previously issued Alert entitled APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine...more
Researchers at Mandiant have recently reported that a new ransomware group calling itself Sabbath appears to be the rebranded group Arcane and “picked up their pace” in November....more
12/2/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Educational Institutions ,
Hackers ,
Health Care Providers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) and the FBI issued a joint Alert this week, entitled “Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends” outlining...more
11/24/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Holidays ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
As we enter the holiday shopping season, cyber criminals are sharpening their cyber-scam strategies. We like to remind our readers about the enhanced risk during the holidays. There has been an increase in online shopping...more
The Cybersecurity & Infrastructure Security Agency (CISA) issued the Cybersecurity Incident & Vulnerability Response Playbooks: Operational Procedures for Planning and Conducting Cybersecurity Incident and Vulnerability...more
Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch Tuesday released 55 patches, six of which were categorized as “critical,”...more
The FBI issued a Private Industry Notification on November 2, 2021, warning companies that “ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim...more
11/5/2021
/ Corporate Sales Transactions ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
Hackers ,
Information Technology ,
Investment Opportunities ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
10/29/2021
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Microsoft ,
Phishing Scams ,
Popular ,
Risk Management ,
SolarWinds ,
Supply Chain ,
Third-Party Service Provider ,
Vulnerability Assessments
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad, you may want to plug your phone or iPad in...more
As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient clinics, specialty clinics and business associates, according to a report by...more
10/7/2021
/ Business Associates ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Health Care Providers ,
Health Clinics ,
Hospitals ,
Information Technology ,
Risk Management ,
Vulnerability Assessments
We talk about passwords a lot. As you know, I am a fan of passphrases instead of passwords as they are hard to guess and easy to remember—a perfect combination for security data....more
Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of...more
9/17/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Emergency Response ,
Hackers ,
Information Technology ,
Network Security ,
Popular ,
Ransomware ,
Risk Management ,
Threat Management
We have noted before how important it is to update the operating system (OS) on your mobile phone as soon as you receive notice from the manufacturer. This week, Apple issued an update to the iOS that is considered urgent....more
On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware....more
9/2/2021
/ Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Data Protection ,
Hackers ,
Healthcare Facilities ,
Information Security ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
On August 25, the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack. ...more
8/27/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management
According to a report issued on August 24, 2021, by Unit 42 of Palo Alto Networks Ransomware Groups to Watch: Emerging Threats, four emerging ransomware groups “are currently affecting organizations and show signs of having...more
8/27/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to...more
8/20/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Mandiant, a division of FireEye, has reported that it has discovered a vulnerability in a software protocol that enables hackers to gain access to audio and visual data on smart devices including baby monitors and web...more
8/19/2021
/ Baby Products ,
Connected Items ,
Data Privacy ,
Hackers ,
Information Security ,
Information Technology ,
Internet of Things ,
Popular ,
Risk Management ,
Smart Devices ,
Software ,
Vulnerability Assessments
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
8/4/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
Earlier this week, Apple issued another patch—this one is said to address a reported vulnerability that “an application may be able to execute arbitrary code with kernel privileges.” According to Apple, it “is aware of a...more