No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Major U.S. companies targeted by North Korean threat actors disguised as remote IT workers. Multiple individuals responsible for stealing millions of dollars have already been apprehended by U.S. authorities....more
As the holiday shopping season kicks into high gear, it also becomes a prime opportunity for cybercriminals to target retailers, their suppliers, and their customers. As The Hacker News reports, criminal use of artificial...more
DocuSign is a great and efficient way to obtain authentic signatures for contracts and invoices. As with other efficient tools, threat actors will and have found a way to use the DocuSign API to send fake invoices to divert...more
Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more
Cybercriminals continue to outpace the best efforts of regulators, law enforcement, and cybersecurity professionals. Recent reporting from the Federal Bureau of Investigation demonstrates that cybercriminals are increasingly...more
In today's digital age, the health care industry faces a growing threat from scammers who don't have to use sophisticated cyberattacks; they can use the most routine task to steal information from unwitting and...more
"Thank you for your order." "We tried delivering your package." We have all seen these subject lines in our inbox, but some are not so innocent. Business impersonation scams are not new, but some of their tricks are. These...more
This week is National Consumer Protection Week. Based on the recent statistics published by the FTC on online, digital, and voice scamming, consumers sorely need more help protecting themselves from scams....more
I was talking to a client today about a security incident and the discussion turned to how threat actors are using increasingly more sophisticated ways to attack individuals and companies. She lamented that we know more than...more
A genuine looking email is sent to a company’s accounts payable department with instructions from its president to pay money to a certain account. The “To” and “From” headers and the signature block look identical to hundreds...more
Losses arising from email scams are usually covered, if at all, under a company’s crime policy. But a recent decision from The District Court in Minnesota suggests that recourse may also be found under an insured’s cyber or...more
CYBERSECURITY - Nineteen States Have Banned TikTok on Government-Issued Devices - Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
Email scams and viruses are nothing new—threats like phishing emails and malware have been around since the days when services like AOL still dominated the internet and email landscape. However, while technology has made a...more
CYBERSECURITY - CISA + MS-ISAC Alert: Threat Actors Exploiting Zimbra Collaboration Suite - On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis...more
CYBERSECURITY - Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies - A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
CYBERSECURITY - Intelligence Points to Likely Russian Attacks on Critical Infrastructure - The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
CYBERSECURITY - Cyber-Attackers Politically Aligned - The most recent Accenture Global Incident Report (the Report) shows that cyber-attackers have political views and are divided between support for Russia or Ukraine....more
According to Microsoft, 91% of cyberattacks start with an email. In an earlier Privacy Peril we provided information on prevalent words phishers of men and women insert in an email subject line to grab the recipient’s...more
In the face of the ever-growing threat of cyberattacks disguised in emails from phishers, impostors and other increasingly sophisticated security scammers, Google has launched a tool to allow organizations to fight back by...more
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy...more
The COVID-19 pandemic has had a disparate effect on privacy regulators, with varying levels of enforcement advocated by different government entities; the California Attorney General, the U.S. Department of Health & Human...more
There have been numerous examples of how hackers can get hold of sensitive and deeply personal information and use it against individuals to embarrass and extort them into sending money or compromising pictures to the hackers...more
Adult Streaming Site Leaves 7TB of Users’ Information Unsecured - Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft...more
Sodinokibi Hackers Switch Payment Mechanism to Monero - The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to...more
The Ginp Banking Trojan is not a new way of scamming users into giving up credit card details, however, the latest version apparently capitalizes on COVID-19 anxiety. Recently, security researchers at Kaspersky revealed that...more