I was preparing to teach my next privacy law class on the subject matter of online privacy, when I discovered a good article (though in full disclosure, it is an ad) on protecting your privacy and personal information online....more
We have posted blogs before on sharing genetic information and the risk associated with the disclosure of such sensitive information.
Unfortunately, our concerns have been realized....more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
10/13/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and the National Cybersecurity Alliance will “focus on ways to “Secure Our...more
We have been keeping a keen eye on the explosion of the use of artificial intelligence (AI) tools and generative AI. We are assisting clients with Governance Programs to formulate a process to evaluate the use of AI in their...more
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more
9/22/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
It is scary to think of cyber warfare and how it may affect us. But the reality is there, and we should be prepared. I was chatting with a colleague this morning who asked for the top two things to do to prepare for a massive...more
I was talking to a client today about a security incident and the discussion turned to how threat actors are using increasingly more sophisticated ways to attack individuals and companies. She lamented that we know more than...more
9/7/2023
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Elder Issues ,
Federal Trade Commission (FTC) ,
Risk Management ,
Scams
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued “timely information about current security issues, vulnerabilities, and exploits surrounding” Industrial Control Systems (ICS)....more
I hate to say, “I told you so,” but I did. I have repeatedly warned against scanning QR codes. Following the pandemic and scanning QR codes at restaurants, people have become very comfortable with scanning QR codes, don’t...more
On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors...more
7/28/2023
/ Apple ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Information Technology ,
iPhone ,
Mobile Devices ,
Network Security ,
Operating System Developers ,
Risk Management ,
Vulnerability Assessments
Amid growing concern of the use of AI tools, Congressional questioning and hearings, and the lack of regulation around its use, at least seven technology firms have signed on to follow voluntary commitments to oversee how AI...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies.
The rules, which will become effective thirty days after publication in...more
7/28/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Form 10-K ,
Form 8-K ,
Publicly-Traded Companies ,
Regulation S-K ,
Regulatory Reform ,
Required Forms ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023, announced patches for CVE-2023-29298, an improper access control issue that can lead to a security...more
CYBERSECURITY -
Unpatched Fortinet Vulnerability Being Exploited by Threat Actors -
According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a...more
CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection...more
6/16/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
5/19/2023
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
5/4/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Ransomware ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
As artificial intelligence, also known as “AI” becomes more of a household word, it is worth pointing out not only how cool it can be, but also how some uses raise privacy concerns....more
There are pros and cons to using a password manager. The biggest pro is that it is difficult to keep all of our passwords organized and safe. The biggest con is that if the password manager is compromised, and the master...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
10/20/2022
/ China ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Risk Alert ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
I recently ran across a Forbes article that I thought was spot-on, so I am sharing it with our readers. Entitled “5 Tips For How To Handle Consumer Privacy Concerns,” the article astutely points out that “In the age of...more
Microsoft recently issued mitigation steps for vulnerabilities that are being actively exploited by threat actors. Microsoft stated that it is aware that two vulnerabilities are being actively exploited to access users’...more
10/13/2022
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Microsoft ,
Risk Management ,
Risk Mitigation ,
Vulnerability Assessments
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money....more
9/29/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Deletion ,
Document Destruction ,
Hackers ,
Malware ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Cyber-Attack Disrupts Public Services in Fremont County, Colorado -
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity...more
8/26/2022
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Hackers ,
Information Technology ,
OCR ,
Oracle ,
Popular ,
Risk Management ,
Statutory Violations ,
Twitter ,
Vulnerability Assessments