CYBERSECURITY Neopets Breach Affects 69M Users What is Neopets, you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer,...more
7/29/2022
/ Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Drones ,
Information Technology ,
Online Gaming ,
Online Safety for Children ,
Personal Data ,
Popular
CYBERSECURITY -
Cloaked Ursa Using Trusted Online Storage Services to Evade Detection -
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
7/22/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Hackers ,
Identity Theft ,
Malware ,
National Security ,
Popular ,
Ransomware ,
TikTok ,
Vulnerability Assessments
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more
CYBERSECURITY -
Joint Advisory Warns of MedusaLocker Ransomware -
A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the...more
A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the Treasury Department warns that MedusaLocker ransomware “targets...more
Trustwave has reported a new scheme in which threat actors are using the popular Facebook Messenger platform to steal Facebook login credentials.
According to the report, the threat actors are using a phishing email to...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
6/29/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
PHI ,
Popular ,
Ransomware ,
Risk Mitigation ,
Vulnerability Assessments
CYBERSECURITY -
Karakurt Extortion Group Auctions Data for Ransom -
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes...more
In a recent Private Industry Notification to the higher education sector, the FBI warned that U.S. college and university credentials are being advertised “for sale on online criminal marketplaces and publically [sic]...more
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes Enforcement Network issued a joint Cybersecurity Alert warning companies of the...more
6/16/2022
/ Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
FinCEN ,
Hackers ,
Phishing Scams ,
Popular ,
Ransomware ,
U.S. Treasury ,
Vulnerability Assessments
CYBERSECURITY -
Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies -
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
6/10/2022
/ China ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Non-Fungible Tokens (NFTs) ,
Popular ,
Right to Repair ,
Scams ,
Vulnerability Assessments
CYBERSECURITY -
Verizon’s 2022 Data Breach Investigations Report: A Must Read -
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
6/3/2022
/ California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Vulnerability Assessments
The Federal Trade Commission kicked off Pride Month yesterday, acknowledging that “some of the most egregious scams and abuses target the LGBTQ+ community.” The scams that those in the LGBTQ+ community experience include...more
6/2/2022
/ Cybersecurity ,
Dating Services ,
Federal Trade Commission (FTC) ,
Fraud ,
Geolocation ,
LGBTQ ,
Mobile Apps ,
New Guidance ,
Scams ,
Vulnerability Assessments ,
Vulnerable Victims
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. Just goes to show how long I have been working on data breaches. It is always written in...more
6/2/2022
/ Botnets ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Phishing Scams ,
Popular ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 23, 2022, due to active exploitation by cyber criminals. The vulnerabilities are a...more
I am not a huge fan of using chatbots, as I never end up getting my questions fully answered. I get the efficiency of using a chatbot for simple questions, but my questions are usually not so easily resolved, so I end up...more
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology...more
CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite...more
5/27/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Military Conflict ,
Popular ,
Russia ,
Small Business ,
Ukraine ,
Vulnerability Assessments
CYBERSECURITY NIST -
Releases Guidance on Supply Chain Security -
The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
5/13/2022
/ American Civil Liberties Union (ACLU) ,
Clearview AI ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
New Guidance ,
New Legislation ,
NIST ,
Personal Data ,
Popular ,
Privacy Laws ,
Ransomware ,
Supply Chain
Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive...more
5/13/2022
/ Connecticut ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Information Governance ,
Information Technology ,
New Legislation ,
Personal Data ,
Regulatory Reform ,
State Privacy Laws
The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more
5/12/2022
/ Biden Administration ,
China ,
Cybersecurity ,
Cybersecurity Framework ,
Data Protection ,
Information Technology ,
New Guidance ,
NIST ,
Popular ,
Risk Management ,
Russia ,
Software ,
Supply Chain ,
Vulnerability Assessments
CYBERSECURITY -
Education Sector Continues to Get Hit with Ransomware Attacks -
According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware...more
5/6/2022
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Mobile Apps ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Vulnerability Assessments
According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware in 2021. This statistic breaks down to 62 school districts and 26 colleges and...more
CYBERSECURITY -
State Department Offers $10M Reward for Information on Russian Officers Involved in Malicious Cyber Activities -
The U.S. Department of State has announced a $10 million reward for “information leading to...more
As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations...more