The recent story by ProPublica dubbed by their president Richard Tofel called “the most important story we have ever published” is gaining traction and attention. The IRS hosts highly sensitive tax information on every American citizen and business and such a breach is a violation of privacy entrusted to the IRS. Tax information is understood… Read More »IRS Secret Files Data Breach and Your Business
When major cyberattacks happen, most businesses do not tend to change their behavior to protect themselves. The recent Colonial Pipeline hack that caused widespread gas supply issues across the country should have served as a warning to all American businesses that they need to take cyber security more seriously. Now, major meat producer, JBS USA,… Read More »Meat Producer Victim of Hack – Supply Chain to Blame?
DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline, leading to a significant fuel supply disruption along the East Coast of the US. The malware is offered as Ransomware as A Service (RaaS) to different cybercriminals through an affiliate… Read More »When the Hacker is Hacked!
A new zero-day is under active exploitation in the wild targeting Android users. Though the bug has already received the fix, it is still a severe security issue for most of the Chinese phones with modified OS or phones will no OS / Security updates. This vulnerability, CVE-2020-11261, is a high-severity bug and has received… Read More »New Android Zero-Day Actively Exploited for Targeted Cyber Attacks
With the passing of the California Consumer Privacy Act (“CCPA”)[1], California has been center stage of data privacy compliance. However, this past month, Virginia now shares the stage. On March 2, 2021, Governor Ralph Northam signed into law the Virginia Consumer Data Protection Act (“VCDPA”).[2] The VCDPA is heavily influenced by both the CCPA and… Read More »Move over California, Virginia is Here
Cybersecurity has continually increased in priority and spending in recent years. Industry insights show that the federal government had to pay more than 13.7 billion dollars to counter cyberattacks in 2018. Looking forward to 2021, the U.S. is expected to spend more than 92 billion dollars on cybersecurity. Both U.S. businesses and government institutions are working every… Read More »The fight against cyber threats requires a public-private partnership. Here’s how to get it done.
Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft. It runs exclusively on Windows Server operating systems. The first version was called Exchange Server 4.0, to position it as the successor to the related Microsoft Mail 3.5. Exchange initially used the X.400 directory service but switched to Active Directory later. Until… Read More »How to Check if you’re Vulnerable to Microsoft Exchange Server zero-days
While Amazon Alexa skills facilitate users in their day-to-day activities, this personal assistant can go malicious as well. Researchers have found that vicious skills can bypass the Amazon Alexa skill vetting process. Researchers from the Ruhr-Bochum University have found how malicious skills can flood Amazon Alexa. Alexa skills are like third-party apps that run on… Read More »Researchers Identified that Amazon Alexa Can Learn Malicious Skills
Cybersecurity Awareness Month has come and gone, but we would be remiss without addressing Incident Response. Before we do, let’s recap the ground we’ve covered in the first four of five installments on a robust Cybersecurity and Data Privacy Program. Conduct an Assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 5, Incident Response.
With just one more week to go in Cybersecurity Awareness Month, let’s recap the ground we’ve covered in the first three of five installments before moving on to Phase 4, Compliance. Start your journey with a risk assessment. Taking stock of your Strengths, Weaknesses, Opportunities, and Threats from a holistic viewpoint of People, Process, and… Read More »Cybersecurity and Data Privacy – A journey, not a destination! Part 4, Compliance
