Advisory on Russian Threats to Infrastructure WHAT HAPPENED? CISA, the FBI, and the NSA have released a joint cybersecurity advisory that gives oversight on Russian cyber operations including their observations on tactics, techniques, and procedures. WHAT DOES THIS MEAN FOR ME? These organizations are working together to help the [...]
Importance of Patching Log4j Flaw WHAT HAPPENED? The Federal Trade Commission (FTC) has warned U.S. organizations failing to secure customer data against Log4Shell zero-day vulnerability could face legal repercussions. The week of January 3rd, the consumer protection agency warned that the serious flaw in the Log4j logging library is being exploited [...]
STAYING VIGILENT DURING THE HOLIDAYS WHAT HAPPENED? While you are planning for holiday parties and traveling, malicious cyber actors are making different plans. Recently, CISA and the FBI have seen that this time of year is when these actors look to disrupt critical networks and systems belonging to organizations, businesses, and [...]
SonicWall Usage WHAT HAPPENED? SonicWall is strongly urging organizations that use SMA 100 series appliance to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical. If left unpatched, one of the vulnerabilities may be exploited to remotely takeover unpatched devices. [...]
Beware of BlackMatter WHAT HAPPENED? BlackMatter is ransomware-as-a-service tool that allows ransomware developers to profit from cybercriminal affiliates, such as BlackMatter actors, who deploy against victims. These actors have attacked numerous U.S. based organizations and have demanded ransom payments ranging from $80,000 to $15,000,000 in Bitcoin and Monero. BlackMatter may be [...]
Be Alert as Ransomware Conti-nues to Take Over WHAT HAPPENED? The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have seen Conti ransomware used in more than 400 attacks on U.S. and international organizations. Typically, Conti ransomware attacks are malicious in nature and occur when a bad actor intends to steal [...]
Apple Device Updates WHAT HAPPENED? Apple owners: Time to update your software. Apple has uncovered evidence that attackers may be actively exploiting two vulnerabilities in company software to take over certain Apple devices, including iPhones.The company issued the security patches last week while warning the vulnerabilities could lead to remote code execution. [...]
Cybersecurity and ESG Proposals Are on the Horizon: Key Takeaways from SEC Chair’s Senate Testimony WHAT HAPPENED? Before the Senate Banking Committee on September 14th, SEC Chair, Gary Gensler, indicated that numerous rules related to cybersecurity and climate risk, among others are in the works. Even though this is the first time the [...]
Are Your Employees Being Recruited to Attack Your Firm? WHAT HAPPENED? Cybersecurity criminals are utilizing unconventional methods to breach company networks through ransomware attacks, which may even be carried out through the company's own employees. These scammers are offering a percentage of the ransom to employees who assist them with launching these [...]
SEC Cybersecurity Sanctions: Your Firm Could Be Next WHAT HAPPENED? On August 30th, the SEC sanctioned eight firms in three actions for failures in cybersecurity policies and procedures. The investigations revealed: Among the eight firms, nearly 200 cloud-based email accounts of firm personnel, representatives, and financial advisors were taken over by unauthorized [...]