CYBERSECURITY -
New York DFS Fines Robinhood $30M for “Significant” Cybersecurity Violations -
The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform...more
8/4/2022
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Federal Aviation Administration (FAA) ,
Financial Services Industry ,
Mobile Apps ,
NYDFS ,
Personally Identifiable Information ,
Robinhood Financial ,
Scams
What is Neopets you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer, Neopets has experienced a data breach that has...more
CYBERSECURITY -
Cloaked Ursa Using Trusted Online Storage Services to Evade Detection -
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
7/22/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Hackers ,
Identity Theft ,
Malware ,
National Security ,
Popular ,
Ransomware ,
TikTok ,
Vulnerability Assessments
According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20, Nobelium, or Cozy Bear), “demonstrate[s] sophistication and the ability to rapidly integrate...more
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more
A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the Treasury Department warns that MedusaLocker ransomware “targets...more
Trustwave has reported a new scheme in which threat actors are using the popular Facebook Messenger platform to steal Facebook login credentials.
According to the report, the threat actors are using a phishing email to...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
6/29/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
PHI ,
Popular ,
Ransomware ,
Risk Mitigation ,
Vulnerability Assessments
CYBERSECURITY -
Karakurt Extortion Group Auctions Data for Ransom -
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
On June 2, 2022, CISA (the Cybersecurity and Infrastructure Security Agency), the FBI, the Department of the Treasury and the Financial Crimes Enforcement Network issued a joint Cybersecurity Alert warning companies of the...more
6/16/2022
/ Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
FBI ,
FinCEN ,
Hackers ,
Phishing Scams ,
Popular ,
Ransomware ,
U.S. Treasury ,
Vulnerability Assessments
CYBERSECURITY -
Joint Advisory Warns of Chinese-Sponsored Attacks on Telecommunications Companies -
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National...more
6/10/2022
/ China ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Non-Fungible Tokens (NFTs) ,
Popular ,
Right to Repair ,
Scams ,
Vulnerability Assessments
CYBERSECURITY -
Verizon’s 2022 Data Breach Investigations Report: A Must Read -
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
6/3/2022
/ California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Vulnerability Assessments
Although the U.S. Chamber of Commerce (the Chamber) “strongly urges Congress to pass durable, bipartisan national privacy legislation that protects all Americans equally,” it will “strongly oppose legislation that fails to...more
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. Just goes to show how long I have been working on data breaches. It is always written in...more
6/2/2022
/ Botnets ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Phishing Scams ,
Popular ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency (CISA) added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 23, 2022, due to active exploitation by cyber criminals. The vulnerabilities are a...more
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology...more
CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite...more
5/27/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Military Conflict ,
Popular ,
Russia ,
Small Business ,
Ukraine ,
Vulnerability Assessments
According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware in 2021. This statistic breaks down to 62 school districts and 26 colleges and...more
CYBERSECURITY -
State Department Offers $10M Reward for Information on Russian Officers Involved in Malicious Cyber Activities -
The U.S. Department of State has announced a $10 million reward for “information leading to...more
As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations...more
The U.S. Department of State has announced a $10 million reward for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government,...more
4/28/2022
/ Computer Fraud and Abuse Act (CFAA) ,
Criminal Conspiracy ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Guidance ,
Malware ,
Rewards ,
Russia ,
US Department of State
CYBERSECURITY -
Intelligence Points to Likely Russian Attacks on Critical Infrastructure -
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
4/22/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Russia ,
Scams ,
Ukraine
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn...more
4/21/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Military Conflict ,
Regulatory Agencies ,
Risk Management ,
Russia ,
Ukraine ,
Vulnerability Assessments
CYBERSECURITY -
State Department Establishes Bureau of Cyberspace and Digital Policy -
The Department of State’s new Bureau of Cyberspace and Digital Policy (CDP) commenced operations on April 4, 2022. According to an...more
4/8/2022
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Enforcement Actions ,
Information Governance ,
Information Technology ,
Personal Data ,
Popular ,
Scams