No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
Financially motivated cybercriminals are increasingly targeting Cloud environments in their ransomware and/or extortion attacks. The attack activity of two (2) threat groups in particular – Octo Tempest (AKA Scattered Spider)...more
In its Mid-Year Cyberthreat Report published on August 24, 2022, cybersecurity firm Acronis reports that ransomware continues to plague businesses and governmental agencies, primarily through phishing campaigns. According...more
It is every employer’s worst nightmare: an unsuspecting employee receives an email in the early morning from an individual claiming to be his supervisor. The email asks him to follow up on an urgent work assignment that needs...more
Report on Patient Privacy 21, no. 11 (November, 2021) - Attorney Brad Hammer doesn’t always don a suit and tie, or what he calls his “lawyer’s uniform.” A privacy and security expert and founder of the Vakaris Group based...more
On September 22, 2021, the Federal Bureau of Investigations (FBI), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) issued a cybersecurity advisory alerting companies to the...more
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy...more
Each year, the Internet Crime Complaint Center (“IC3”) of the Federal Bureau of Investigation publishes its Internet Crime Report. The IC3’s 2020 Internet Crime Report includes startling information about the continuing...more
Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more
Phishing FINRA - October is cyber-security awareness month, so it’s only appropriate that FINRA started it with another Regulatory Notice warning member firms to beware of a false-survey phishing scheme. The Notice warns...more
As a result of the COVID-19 pandemic, millions of Americans have deserted the physical workplace. Modern technology and remote access capabilities have made it possible to transform almost any job to a telework position. As...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
It doesn’t matter in which state you are located, how many patients you treat, what kind of medicine you practice or how many employees you have, if you are a health care provider, you are being targeted and hackers are...more
As we reported in March, the COVID-19 pandemic is being leveraged by malicious cyber actors to make various cybersecurity attacks. ...more
Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme....more
Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in...more
Security researchers Intezer and IBM X-Force have identified a new ransomware that is seriously vicious. It’s PureLocker—named because it is programmed in PureBasic language, which is apparently unusual....more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
A new Harris Poll for the American Institute of CPA’s (AICPA), which called 1006 U.S. adults for the report, shows interesting statistics regarding American adults’ attitudes and fears about identity theft and financial loss...more
A recent report from The Seattle Times provides details on a series of social engineering and ransomware attacks successfully perpetrated on a Seattle suburb during the second half of 2017. The incidents of cyber scams...more
There have been a myriad of research studies attempting to come up with the “cost” of a data breach. The most recent, released by AT&T, estimates that it costs organizations $3.6 million to recover from a data breach....more
Every where you look these days, there seems to be another report of a cyber attack--attacks which do not discriminate based on industry type, size of business, or impact. In other words, everyone is vulnerable. In fact, the...more
On June 27, 2017, the world had its second major ransomware attack in two months, and experts are predicting more to come. The first, named WannaCry, began May 12, and quickly spread to over 400,000 machines, the vast...more
Following the frequent and varied ransomware attacks on health care entities over the past few years, the Office for Civil Rights (OCR) published guidance last summer to the health care industry reminding it that a ransomware...more
According to a February 2017 American Bar Association press release, “cyber-related risks have escalated based on the sensitivity and nefarious uses of that data. Last year, for example, the Manhattan U.S. attorney’s office...more
Following the massive WannaCry event, the mantra among security folks is push patches to vulnerabilities as soon as they are released. US-CERT issued a warning late last week that there is a newly discovered flaw,...more