SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more
WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more
On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more
Scammers prey on us when we are most vulnerable. Although some of us are early holiday shoppers, others wait until the last minute to complete their holiday shopping....more
According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang...more
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware...more
11/1/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
North Korea ,
Personally Identifiable Information ,
Ransomware ,
Vulnerability Assessments
On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more
10/24/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Healthcare ,
Microsoft ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims.
New reports from Microsoft and others indicate that in the second quarter of...more
7/25/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Microsoft ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
TikTok has reported that it is responding to a cyber attack targeting a limited number of known brands and celebrity accounts. The BBC has identified that Paris Hilton’s account as being targeted, but TikTok says it was not...more
CYBERSECURITY -
City of Pensacola Services Disrupted by Cyber-Attack -
Adding to the list of many other municipalities, the city of Pensacola, Florida, was hit with a cyber-attack last weekend that affected services to...more
3/22/2024
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Machine Learning ,
Online Platforms ,
Tracking Systems ,
Vulnerability Assessments
CYBERSECURITY -
Patch, Patch, Patch: Updates for Fortinet, Microsoft, and Adobe Products -
Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky....more
Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention....more
CYBERSECURITY -
CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware -
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
3/11/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Executive Orders ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
Ransomware ,
Vulnerability Assessments
To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a cybersecurity advisory warning organizations about the Phobos ransomware, and...more
CYBERSECURITY -
HC3 Warns Healthcare Organizations about Akira Ransomware Group -
The Health Sector Cybersecurity Coordination Center (HC3) recently warned the health care sector about the Akira ransomware group that...more
2/21/2024
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Personal Data ,
Ransomware ,
Scams ,
USPTO ,
Vulnerability Assessments
The Federal Trade Commission (FTC) keeps track of scams that are reported to it and summarizes those scams in a report outlining the most successful scams of the prior year....more
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid...more
2/8/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY CISOs:
New Report Outlines Risks of LLMs -
I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
2/2/2024
/ Artificial Intelligence ,
Chief Information Security Officer (CISO) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Mercedes-Benz ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/31/2024
/ Baby Boomers ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Generation Z ,
Location Data ,
Personally Identifiable Information ,
Vulnerability Assessments
CYBERSECURITY-
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/26/2024
/ California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
FBI ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Location Data ,
Mozilla ,
Network Security ,
Vulnerability Assessments
OK boomers—instead of being on the end of an “OK boomer” comment, now you have some ammunition. Boomers have been reported to be less of a cybersecurity vulnerability to the workforce than Gen Z. An article by Karina Zapata...more
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity & Infrastructure Security Agency (CISA) is recommending that the patches be applied...more
Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next year. A year is a long time in the tech field. Just look at how fast ChatGPT...more
On December 15, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) issued a Secure by Design Alert and guidance on “How Manufacturers Can Protect Customers by Eliminating Default Passwords.”...more