There are pros and cons to using a password manager. The biggest pro is that it is difficult to keep all of our passwords organized and safe. The biggest con is that if the password manager is compromised, and the master...more
CYBERSECURITY -
Nineteen States Have Banned TikTok on Government-Issued Devices -
Governors of numerous states have issued Executive Orders in the past several weeks banning TikTok from government-issued devices and...more
12/23/2022
/ China ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Diagnostic Tests ,
Hackers ,
Healthcare ,
Infectious Diseases ,
Scams ,
TikTok ,
Vulnerability Assessments
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix...more
CYBERSECURITY -
South Dakota Governor Bans State Workers from Using TikTok -
It is estimated that some 80 million Americans and more than one billion people use TikTok. It is well known that TikTok has a direct...more
CYBERSECURITY -
Health Care Organizations Warned of Venus Ransomware -
The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
11/23/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Identity Theft ,
Instagram ,
Popular ,
Ransomware ,
Spyware ,
Vulnerability Assessments
Dark Reading reports that thousands of college and university students are being targeted by cyber-attackers who are using a legitimate domain to impersonate Instagram and steal credentials of the users. The attack is able to...more
Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new phishing scam that is unique and successful. The scam is believed to be carried out by the Luna Moth/Silent Ransom Group and is targeting...more
DATA PRIVACY -
Businesses Struggle to Comply with CPRA without Final Regulations -
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t...more
As companies hustle to follow the new California Privacy Rights Act (CPRA) regulations, they’ve hit a substantial hiccup: there aren’t any yet. The California Privacy Rights Agency (CPPA), the newly- created body with...more
11/10/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements
CYBERSECURITY -
Joint Advisory Outlines Attacks by Daixin Team -
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning...more
11/4/2022
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Employee Monitoring ,
EU-US Privacy Shield ,
Popular ,
Ransomware ,
Vulnerability Assessments
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health...more
11/4/2022
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
FBI ,
Healthcare ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Joint Statements ,
Public Health ,
Ransomware ,
Vulnerability Assessments
Last week, the California Privacy Protection Agency (CPPA) released updated California Privacy Rights Act (CPRA) draft regulations and a summary of the changes. The regulations remain in the proposal stage and it is unclear...more
10/28/2022
/ California ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Personal Information ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Standards ,
State Privacy Laws
CYBERSECURITY -
CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
10/26/2022
/ Artificial Intelligence ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Drones ,
Employee Monitoring ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personal Data
CYBERSECURITY -
CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
10/21/2022
/ Artificial Intelligence ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Employee Monitoring ,
Geolocation ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Robots
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
10/20/2022
/ China ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Risk Alert ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
CYBERSECURITY -
CISA Recommends Following Microsoft’s Mitigation for Zero Day Exploits -
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft...more
10/14/2022
/ Arenas and Stadiums ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Microsoft ,
NFL ,
Vulnerability Assessments
The State Bar of Georgia recently disclosed that it was the victim of a cybersecurity incident in April 2022, when an unauthorized individual accessed its systems and compromised the data of current and former employees and...more
I recently ran across a Forbes article that I thought was spot-on, so I am sharing it with our readers. Entitled “5 Tips For How To Handle Consumer Privacy Concerns,” the article astutely points out that “In the age of...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
10/13/2022
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Microsoft ,
Risk Management ,
Risk Mitigation ,
Vulnerability Assessments
With the recent announcement by LastPass that it was hacked, and source code was compromised (LastPass is reporting that no passwords were compromised), I thought it timely to remind readers about the pros and cons of using a...more
Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident, unfortunately, its source...more
CYBERSECURITY -
Cyber-Attack Disrupts Public Services in Fremont County, Colorado -
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity...more
8/26/2022
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Hackers ,
Information Technology ,
OCR ,
Oracle ,
Popular ,
Risk Management ,
Statutory Violations ,
Twitter ,
Vulnerability Assessments
Government offices and public services in Freemont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity event affecting our county computer systems.”
As of the official update issued...more
This week, in addition to the news-catching, ongoing dispute between Twitter and Elon Musk, Twitter’s former head of cybersecurity, Peiter Zatko, claimed in a whistleblower filing with several federal agencies that Twitter...more
8/26/2022
/ Bots ,
Data Collection ,
Data Protection ,
Data Security ,
Elon Musk ,
Federal Trade Commission (FTC) ,
Government Investigations ,
Internet ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Social Media ,
Social Networks ,
Twitter ,
Vulnerability Assessments
CYBERSECURITY -
CISA + MS-ISAC Alert: Threat Actors Exploiting Zimbra Collaboration Suite -
On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis...more
8/24/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Labor (DOL) ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Technology ,
Popular ,
Robots ,
Scams ,
Vulnerability Assessments