DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022. They found that threat actors are using multi-extortion tactics to get paid...more
The International Committee of the Red Cross (ICRC) has taken a new step to regulate the activities of civilian hackers in conflict zones. To address the rise in the involvement of civilian hackers in inter-state conflicts,...more
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
Businesses can breathe a little easier now that one of the world’s top five ransomware networks, the Hive, has been infiltrated and disbanded by the FBI....more
Israeli cybersecurity firm Hudson Rock has reported that the email addresses of more than 235 million Twitter users have been stolen and posted by more than one hacker on an online hacking forum. According to the security...more
Louisiana's Largest Medical Complex Discloses Data Breach Associated to October Attack - On December 23rd, 2022, the Lake Charles Memorial Health System (LCMHS) began sending out notifications regarding a newly discovered...more
Optus Confirms Data Breach Impacting 9.8 Million Individuals - On October 3, 2022, Optus, a major telecommunications company headquartered in Australia, confirmed that 2.1 million customers had valid or expired government...more
CYBERSECURITY - FBI Issues Notice to Health Industry Highlighting Risks of Unpatched Medical Devices - The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning...more
CYBERSECURITY - Verizon’s 2022 Data Breach Investigations Report: A Must Read - I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
CYBERSECURITY - CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine - The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
CYBERSECURITY - FBI and DHS Warn of Russian Cyberattacks Against Critical Infrastructure - U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that...more
A joint Cybersecurity Advisory issued by U.S. and international partners, entitled “2021 Trends Show Increased Globalized Threat of Ransomware,” warns of “the growing international threat posed by ransomware over the past...more
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches...more
On January 31, 2022, the FBI issued a Private Industry Notification entitled “Potential for Malicious Cyber Activities to Disrupt the 2022 Beijing Winter Olympics and Paralympics,” warning those associated with the Olympics...more
CYBERSECURITY - CISA Warns “Every Organization” in U.S. to Assess + Respond to Cyber Risks - The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over...more
Passwords are so difficult to remember. We all know we shouldn’t use the same or similar passwords across platforms. Stolen password credentials are dumped on the dark web and criminals use the stolen passwords to steal other...more
Microsoft has issued frequent updates on the Log4j vulnerability that we have been hearing so much about. The vulnerability is a serious problem that will become more widespread as time goes on....more
CYBERSECURITY - FTC Warns Companies of Enforcement for Failing to Patch Log4j Vulnerability - In what I would describe as an unusual but interesting move by the Federal Trade Commission (FTC), on January 4, 2022, it...more
The Division of Legislative Automated Systems, which provides IT services to the Virginia General Assembly (the Assembly), detected a ransomware attack on December 10, 2021, that included “extremely sophisticated malware”...more
A new report issued by Sophos, The State of Ransomware in Education 2021, found that the education sector as a whole experienced a higher level of ransomware attacks than any other industry in 2020....more
Researchers at Mandiant have recently reported that a new ransomware group calling itself Sabbath appears to be the rebranded group Arcane and “picked up their pace” in November....more
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more