No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
It is being reported that Black Basta (aptly named) exploited a Microsoft zero-day prior to Microsoft’s release of a patch for the vulnerability back in March....more
CYBERSECURITY - CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits - Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
On March 15, 2021, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which will require critical infrastructure owners and operators (among other things) to report...more
CYBERSECURITY - November's "Patch Tuesday" Includes 55 Patches - Staying current with Microsoft’s monthly patches is challenging, yet critical for one’s cybersecurity program. This week, Microsoft’s November Patch...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
CYBERSECURITY - Extortion Doesn’t Work for EA Sports Hackers - According to The Record, Electronic Arts Sports (EA) was the victim of a cyber hacking in June, when hackers posted on an underground hacking forum that they...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30,...more
Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against...more
CYBERSECURTY - U.S. CISA + Cyber Command Warns of Critical Flaw in VMware - Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure...more
A cyberattack over the weekend forced the shutdown of one of America’s largest pipelines for refined gas and jet fuel. Operator Colonial Pipeline revealed late Friday that it had “shut down its 5,500 miles of pipeline, which...more
Here’s how the SAP Community can mitigate the risk of a widespread cybersecurity incident involving their SAP systems....more
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recently released a free tool that will assist organizations with identifying indicators of compromise following threat activity in...more
Au cours des dernières semaines, des cyberattaquants ont cherché à exploiter des vulnérabilités que Microsoft a détectées dans ses serveurs Exchange. Ces attaques ont initialement été menées par un groupe de piratage...more
In recent weeks, hackers have sought to exploit vulnerabilities that Microsoft has identified in its Exchange software that customers have loaded onto their Exchange Servers. These attacks started with a hacking group known...more
This month, the cybersecurity research firm Volexity found a series of four critical security vulnerabilities in Microsoft’s Exchange Server software. Since then, vulnerability has been independently verified and confirmed...more
CYBERSECURITY - Microsoft Releases Additional Resources for Exchange Flaws and CISA Issues Alert - As we alerted our readers last week, Microsoft announced that its Exchange email servers have been compromised, which is...more
In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0—Day exploits being used to...more
U.S. Judge Halts Trump's TikTok Ban, Hours Before It was Set to Start - "John Hall, an attorney for TikTok, said that the app, with some 100 million American users, is a 'modern day version of the town square' and shutting...more
TikTok Will Partner with Oracle in the United States After Microsoft Loses Bid - "TikTok and Oracle will become business partners in the United States — a deal meant to satisfy the Trump administration's national security...more