No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims. New reports from Microsoft and others indicate that in the second quarter of...more
A spate of recent ransomware attacks illustrates the increasingly difficult calculations that businesses face following the theft or encryption of their data....more
Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more
CYBERSECURITY - Ransomware Hitting U.S. Companies at Increasing Rate - Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022....more
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid...more
Chinese authorities have arrested alleged hackers in what appears to be the first-ever reported case of hackers using AI to develop ransomware. These alleged hackers reportedly used ChatGPT to refine the code for their...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks - As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
The United States joined 39 other countries this week in the International Counter Ransomware Initiative, an effort to stem the flow of ransom payments to cybercriminals. The initiative aims to eliminate criminals’ funding...more
Resilience issued its Midyear 2023 Claims Report, which is well worth the read. In addition to commenting on the impact of the MOVEit incident, some of the key findings include...more
The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515. According to the Alert, “this critical vulnerability...more
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,” which provides “tips on what organizations can do to prepare to deliver safe patient care in the...more
Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes....more
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
Businesses can breathe a little easier now that one of the world’s top five ransomware networks, the Hive, has been infiltrated and disbanded by the FBI....more
With Memorial Day weekend behind us, many people are celebrating the unofficial start of summer. And summer is almost always a blessing—nicer weather, beach vacations, shorter Fridays (if you’re lucky)—you’ve got to think...more
In this article, we look at the 2021 cyberattack on the Health Service Executive (“HSE”), the national healthcare provider for Ireland, and what lessons have been learned from that crisis one year post-incident....more
This week, AGCO, a U.S. agricultural machinery manufacturer, suffered a ransomware attack that affected its business operations and shut down its systems. AGCO, headquartered in Duluth, Georgia, designs, produces, and...more
It’s the call you hope you never get. Your company has been hit with a ransomware attack. Your systems are offline. Your customer data was stolen by an unknown threat actor who is threatening to leak it. You have lots of...more