On the eve of the holiday weekend, Kaseya was hit with a ransomware attack. Kaseya has been posting regular updates on its website all through the weekend. If you or your managed service provider (many of which run their operations on Kaseya’s platform) were impacted by this compromise. Please check Kaseya’s website for ongoing updates
The SolarWinds Breach: What We Know Now and What Businesses Can Do to Protect Themselves
Earlier this month, we learned that the SolarWinds Orion Platform software builds for versions 2019.4 HF 5 through 2020.2.1*, released between March 2020 and June 2020, were compromised by an advanced persistent threat actor (or APT). The perpetrators of this sophisticated attack implanted a Trojan into a legitimate update to the Orion Platform
CISA, FBI and HHS Warn of Imminent Ransomware Threat to Hospitals and Healthcare Providers
On October 29, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the U.S. Department of Health and Human Services (HHS) warned of an increased, imminent threat to U.S. hospitals and healthcare providers. The agencies have credible information that malicious cyber actors are targeting the healthcare and public health
CSG’s Schaap to Participate in LIFARS Webinar Discussing Cybersecurity and Data Protection Best Practices for Businesses Amid COVID-19
CSG’s Michelle A. Schaap will join Ondrej Krehel, CEO and Founder of LIFARS, LLC, and Roota Almeida, CISO with Delta Dental of New Jersey and Connecticut, on Wednesday, July 29, from 3:00 – 3:45 PM EDT for a virtual discussion around strategy and best practices in the face of the current escalated legal and cyber
E-Tailers Beware: FBI Warns of New Cyberattack Targeting e-Commerce Websites
The FBI issued an alert warning of an attack targeting e-commerce websites. The bad actors are embedding code directly into the e-commerce site to then skim account information.
The notice, found here, provides the details of this attack.
As always, the best defense against this and other cyberattacks is to have layers of defenses
When proactive measures fail, the kill chain may still help recapture miswired funds
The “kill chain” is a phrase that refers to the FBI’s ability to interrupt or kill the miswiring and loss of funds.
This is an extremely powerful resource given that cyber criminals have been targeting entities that use Microsoft Office 365 and Google G Suite to perpetuate business email compromise (BEC) scams. The “phish kits”
Wipro Breach: What to do now
Wipro, one of the world’s largest outsourcing companies, has confirmed that it was the subject of a cyberattack and that its attackers used – and may be continuing to use – access to Wipro’s systems to launch phishing campaigns against the company’s customers.
The investigation is ongoing, but if you or your clients use Wipro,
Responding to, and managing the risk of, the inevitable data breach
Cybersecurity and data privacy remain at the top of the corporate agenda, and it is critical that executives stay ahead of the curve with the latest best practices in order to effectively respond when – not if – an data incident occurs.
To that end, I am pleased to offer a Lorman Education Service’s webinar,
Ten Cybersecurity Tips for Safer Travels
From a cybersecurity and data protection perspective, traveling safely on business or pleasure is not an easy task. But if you are mindful of what you do, and where you do it, you and your information can travel more securely.
Here are ten practical cybersecurity and data protection tips to keep in mind:
- Devices that
Ten tips for cyber mindfulness and data security (even on a limited budget)
One of the most common misconceptions surrounding cybersecurity and data protection measures is that they are too expensive to deploy and maintain – so much so that they become prohibitive for small and middle market businesses. Another one I hear often is that the implementation process can seem daunting for business owners who may be