CYBERSECURITY -
Password Manager LastPass Admits to Hack -
Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of...more
In its Mid-Year Cyberthreat Report published on August 24, 2022, cybersecurity firm Acronis reports that ransomware continues to plague businesses and governmental agencies, primarily through phishing campaigns.
According...more
With the recent announcement by LastPass that it was hacked, and source code was compromised (LastPass is reporting that no passwords were compromised), I thought it timely to remind readers about the pros and cons of using a...more
Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident, unfortunately, its source...more
CYBERSECURITY -
Cyber-Attack Disrupts Public Services in Fremont County, Colorado -
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity...more
8/26/2022
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Hackers ,
Information Technology ,
OCR ,
Oracle ,
Popular ,
Risk Management ,
Statutory Violations ,
Twitter ,
Vulnerability Assessments
Government offices and public services in Freemont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity event affecting our county computer systems.”
As of the official update issued...more
CYBERSECURITY -
CISA + MS-ISAC Alert: Threat Actors Exploiting Zimbra Collaboration Suite -
On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis...more
8/24/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Labor (DOL) ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Technology ,
Popular ,
Robots ,
Scams ,
Vulnerability Assessments
The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the...more
8/22/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
New Guidance ,
Ransomware ,
Vulnerability Assessments
CYBERSECURITY -
Twilio Hit with Social Engineering Smishing Scheme -
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
8/12/2022
/ Artificial Intelligence ,
Class Action ,
Cyber Attacks ,
Data Breach ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Identity Theft ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Social Engineering
The Twilio and Cloudfare smishing attacks [view related post] provide a timely reminder of how sophisticated smishing attacks are and how they can affect businesses and their customers. But threat actors don’t just attack...more
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user into visiting a malicious website to steal their credentials or money....more
Like all technology, mobile apps can be infected with malicious code, or malware, that is intended to gain access to your mobile phone when you download the app. Although app stores try their best to not allow malicious apps...more
What is Neopets you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer, Neopets has experienced a data breach that has...more
CYBERSECURITY -
Cloaked Ursa Using Trusted Online Storage Services to Evade Detection -
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
7/22/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Hackers ,
Identity Theft ,
Malware ,
National Security ,
Popular ,
Ransomware ,
TikTok ,
Vulnerability Assessments
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more
A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the Treasury Department warns that MedusaLocker ransomware “targets...more
Trustwave has reported a new scheme in which threat actors are using the popular Facebook Messenger platform to steal Facebook login credentials.
According to the report, the threat actors are using a phishing email to...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
6/29/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
PHI ,
Popular ,
Ransomware ,
Risk Mitigation ,
Vulnerability Assessments
In a recent Private Industry Notification to the higher education sector, the FBI warned that U.S. college and university credentials are being advertised “for sale on online criminal marketplaces and publically [sic]...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes Enforcement Network issued a joint Cybersecurity Alert warning companies of the...more
6/16/2022
/ Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
FinCEN ,
Hackers ,
Phishing Scams ,
Popular ,
Ransomware ,
U.S. Treasury ,
Vulnerability Assessments
CYBERSECURITY -
Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies -
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
6/10/2022
/ China ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Non-Fungible Tokens (NFTs) ,
Popular ,
Right to Repair ,
Scams ,
Vulnerability Assessments
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National Security Agency entitled “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and...more
6/9/2022
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
National Security Agency (NSA) ,
Network Security ,
Popular ,
Vulnerability Assessments
CYBERSECURITY -
Verizon’s 2022 Data Breach Investigations Report: A Must Read -
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
6/3/2022
/ California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Vulnerability Assessments
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. Just goes to show how long I have been working on data breaches. It is always written in...more
6/2/2022
/ Botnets ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Phishing Scams ,
Popular ,
Vulnerability Assessments