What We’re Reading – September 2021 - 2

Mintz - Privacy & Cybersecurity Viewpoints
Contact

Mintz - Privacy & Cybersecurity Viewpoints

Welcome to Fall 2021!   We’re trying to curate some of the week’s privacy and cybersecurity news to keep you up-to-date:

CONTI RANSOMWARE ON THE RISE — Another week, another US agency joint advisory on ransomware.   The Cybersecurity & Infrastructure Security Agency (CISA), the FBI and the National Security Agency issued a joint advisory that there’s been an “increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations.” The advisory includes indicators that a Conti hack has occurred and suggests organizations --- tell me where you’ve heard this before --- update their software security, including application of patches, require multi-factor authentication and implement network segmentation to help prevent attacks.

WATCH OUT FOR SMISHING --  First, what is “smishing?”  Simply, it is malware delivered through a text message, otherwise known as SMS, and it is becoming a common attack vector.  More here.   It also has been elevated in importance with employees using mobile devices to communicate in the WFH era.  The latest is that the bad guys are taking advantage of interest in Covid-19 vaccine booster shots by targeting Android users in the US and Canada.  Security researcher (and solutions provider) Cloudmark is reporting today on this attack in a blog post.   According to Cloudmark, the bad actors are sending text messages about “Covid regulations and the third dose of Covid vaccines” to trick users into downloading a string of malware known as TangleBot.  The malware allows hackers to control and access contact information, texting and phone capabilities, call logs, and the device’s camera and microphone.   An alert to your remote workforce to be aware might be in order before the weekend.

REPORT ON EU-U.S. PRIVACY SHIELD AND TRANSATLANTIC DATA FLOWS --  While companies are rushing to meet next week’s Standard Contractual Clauses deadline, this week the U.S. Congressional Research Service released a report on Privacy Shield and trans-Atlantic data flows, including options for Congress to facilitate these data flows and a potential enhanced Privacy Shield.   The CRS report also considers whether comprehensive U.S. national privacy legislation (aligned with GDPR?) would “provide some level of certainty to EU businesses and individuals” and “provide sufficient safeguards and guarantees” for U.S. adequacy.   It might help to provide some level of certainty to US businesses as well …..

SPEAKING OF CONGRESS – The Senate Committee on Commerce, Science, and Transportation has (finally) scheduled its first hearing on privacy of this 2021 session.    Committee Chair Senator Maria Cantwell (D-WA) has scheduled a hearing on Wednesday, September 29 on “Protecting Consumer Privacy.”  The hearing will examine the need for a comprehensive privacy law, better safeguarding of consumer privacy rights, and creating a privacy bureau of the Federal Trade Commission.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Mintz - Privacy & Cybersecurity Viewpoints | Attorney Advertising

Written by:

Mintz - Privacy & Cybersecurity Viewpoints
Contact
more
less

Mintz - Privacy & Cybersecurity Viewpoints on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.