When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across...more
This week, both Apple and Microsoft issued patches to fix serious zero-day vulnerabilities that should be applied as soon as possible. That means that if you have an iPhone or iPad, you may want to plug your phone or iPad in...more
As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient clinics, specialty clinics and business associates, according to a report by...more
10/7/2021
/ Business Associates ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Health Care Providers ,
Health Clinics ,
Hospitals ,
Information Technology ,
Risk Management ,
Vulnerability Assessments
We talk about passwords a lot. As you know, I am a fan of passphrases instead of passwords as they are hard to guess and easy to remember—a perfect combination for security data....more
Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of...more
9/17/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Emergency Response ,
Hackers ,
Information Technology ,
Network Security ,
Popular ,
Ransomware ,
Risk Management ,
Threat Management
We have noted before how important it is to update the operating system (OS) on your mobile phone as soon as you receive notice from the manufacturer. This week, Apple issued an update to the iOS that is considered urgent....more
On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware....more
9/2/2021
/ Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Data Protection ,
Hackers ,
Healthcare Facilities ,
Information Security ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
On August 25, the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack. ...more
8/27/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management
According to a report issued on August 24, 2021, by Unit 42 of Palo Alto Networks Ransomware Groups to Watch: Emerging Threats, four emerging ransomware groups “are currently affecting organizations and show signs of having...more
8/27/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to...more
8/20/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Mandiant, a division of FireEye, has reported that it has discovered a vulnerability in a software protocol that enables hackers to gain access to audio and visual data on smart devices including baby monitors and web...more
8/19/2021
/ Baby Products ,
Connected Items ,
Data Privacy ,
Hackers ,
Information Security ,
Information Technology ,
Internet of Things ,
Popular ,
Risk Management ,
Smart Devices ,
Software ,
Vulnerability Assessments
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
8/4/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
Earlier this week, Apple issued another patch—this one is said to address a reported vulnerability that “an application may be able to execute arbitrary code with kernel privileges.” According to Apple, it “is aware of a...more
The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021, following the Colonial Pipeline cybersecurity incident. ...more
On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event...more
7/22/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Denial of Service Attacks ,
Digital Service Providers ,
Events ,
FBI ,
Hackers ,
Olympics ,
Popular ,
Ransomware ,
Risk Management ,
Sports ,
Vulnerability Assessments
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
7/16/2021
/ Anti-Money Laundering ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Enforcement Guidance ,
Hackers ,
Information Technology ,
Money Laundering ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Reform ,
Risk Management ,
Virtual Currency
In a rare move, the Department of Health and Human Services (HHS) has issued a warning to hospitals and health systems to prioritize the patching of a two-year-old vulnerability in picture archive communication systems...more
7/9/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Hackers ,
Health Care Providers ,
Hospitals ,
Popular ,
Risk Management ,
Security Risk Assessments ,
Vulnerability Assessments
Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos researchers, which outlines how, over the past year, and in particular as a result of the migration from work at the...more
4/16/2021
/ Cisco ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Information Technology ,
Malware ,
Remote Working ,
Risk Management ,
Slack ,
Telecommuting ,
Vulnerability Assessments
Speaking of security education and training, the National Cybersecurity Center this week launched a new initiative to offer cyber-hygiene and IT security sessions to elected state government officials and their staff for...more
The United States Government Accountability Office (GAO) recently completed and published a study on electricity grid cybersecurity that concluded that the Department of Energy (DOE) needs to ensure its plans fully address...more
Cyber-hygiene and prevention are sometimes hard to fit in when there are so many vulnerabilities, zero-day attacks and third-party incidents that keep us busy every day....more
In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0—Day exploits being used to...more
The news is full of stories about crashing vaccination scheduling websites, seniors who are unable to get their vaccine appointment, and how different states are rolling out their limited supplies of COVID vaccines....more
The statistic that cybercriminals have been unleashing 18 million phishing emails laced with malware on a daily basis into cyberspace during the pandemic is mind boggling and one that executives should pay attention to when...more
2/18/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Phishing Scams ,
Risk Management ,
Statistical Analysis
In what the New York Department of Financial Services (NYDFS) is touting as the first guidance by a U.S. regulator on cyber insurance, NYDFS announced on February 4, 2021, in Insurance Circular Letter No. 2 (2021), that it...more