There was a big win for the good guys against the bad guys this week. On December 13, 2023, after obtaining an order from the federal court in the Southern District of New York to seize U.S. based infrastructure and take...more
There are lots of package deliveries this time of year. When shopping online, companies are great about telling you when to expect the delivery of your purchase. Fraudsters know this and prey on unsuspecting victims...more
On November 17, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a supplemental mitigation guide for the healthcare and public health sector to the Cyber Risk Summary for those sectors published on...more
If you didn’t get to watch “60 Minutes” on Sunday and see the “Five Eyes” warn us all about China, put it on your list to watch soon.
The Five Eyes are the intelligence leaders of five allied countries: U.S., Canada,...more
Resilience issued its Midyear 2023 Claims Report, which is well worth the read.
In addition to commenting on the impact of the MOVEit incident, some of the key findings include...more
The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515.
According to the Alert, “this critical vulnerability...more
10/23/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Ransomware ,
Vulnerability Assessments
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
10/23/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
CISA Launches Cybersecurity -
Public Awareness Campaign To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and...more
10/16/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Electronic Protected Health Information (ePHI) ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Popular ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
10/13/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The information you provide to your tax preparer is as sensitive as it gets. The assumption is that the tax preparation company is only using your data to prepare your taxes. In an enforcement action against Beneficial Corp.,...more
To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and the National Cybersecurity Alliance will “focus on ways to “Secure Our...more
Not only is the People’s Republic of China (PRC) a threat with its use of TikTok, but it also supports threat actors that have for years attacked U.S. based companies as well as the governments of the U.S. and Japan....more
On September 26, 2023, Windows released a configuration update on Windows 11 version 22H2 (all editions) that is worth reading and applying, particularly if you use Windows Copilot....more
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more
9/22/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
VMware provides multi-cloud services, products, and solutions for its customers, including VMware Tools. On September 1, 2023, VMware released a security update for a vulnerability in VMware Tools. According to the...more
CYBERSECURITY -
CISA Issues Four More Industrial Control Systems Advisories -
On August 22, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued four more advisories related to industrial control...more
8/25/2023
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Governance ,
Machine Learning ,
Personal Data ,
Vulnerability Assessments
On August 22, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued four more advisories related to industrial control systems. The advisories are applicable to four different industrial control products,...more
CISA released a blog post last week reminding software designers that artificial intelligence (AI) tools are software and that they “must consider the security of the customers as a core business requirement, not just a...more
CYBERSECURITY -
CISA Issues Two Industrial Control Systems Advisories -
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and...more
8/21/2023
/ California Privacy Protection Agency (CPPA) ,
Connected Cars ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
QR Codes ,
Regulatory Agenda ,
Vulnerability Assessments
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more
I hate to say, “I told you so,” but I did. I have repeatedly warned against scanning QR codes. Following the pandemic and scanning QR codes at restaurants, people have become very comfortable with scanning QR codes, don’t...more
In its continued effort to keep industry apprised of threats facing companies in the U.S., CISA recently issued a Cybersecurity Advisory: 2022 Top Routinely Exploited Vulnerabilities that is helpful to get up to speed on top...more
On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors...more
7/28/2023
/ Apple ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Information Technology ,
iPhone ,
Mobile Devices ,
Network Security ,
Operating System Developers ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP -
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
7/24/2023
/ Adobe ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
EU ,
Hackers ,
Machine Learning ,
Vulnerability Assessments
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that can lead to a security...more