Be Alert as Ransomware Conti-nues to Take Over WHAT HAPPENED? The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have seen Conti ransomware used in more than 400 attacks on U.S. and international organizations. Typically, Conti ransomware attacks are malicious in nature and occur when a bad actor intends to steal [...]
Apple Device Updates WHAT HAPPENED? Apple owners: Time to update your software. Apple has uncovered evidence that attackers may be actively exploiting two vulnerabilities in company software to take over certain Apple devices, including iPhones.The company issued the security patches last week while warning the vulnerabilities could lead to remote code execution. [...]
Cybersecurity and ESG Proposals Are on the Horizon: Key Takeaways from SEC Chair’s Senate Testimony WHAT HAPPENED? Before the Senate Banking Committee on September 14th, SEC Chair, Gary Gensler, indicated that numerous rules related to cybersecurity and climate risk, among others are in the works. Even though this is the first time the [...]
Are Your Employees Being Recruited to Attack Your Firm? WHAT HAPPENED? Cybersecurity criminals are utilizing unconventional methods to breach company networks through ransomware attacks, which may even be carried out through the company's own employees. These scammers are offering a percentage of the ransom to employees who assist them with launching these [...]
SEC Cybersecurity Sanctions: Your Firm Could Be Next WHAT HAPPENED? On August 30th, the SEC sanctioned eight firms in three actions for failures in cybersecurity policies and procedures. The investigations revealed: Among the eight firms, nearly 200 cloud-based email accounts of firm personnel, representatives, and financial advisors were taken over by unauthorized [...]
16 States Reviewing Data Privacy Regulations WHAT HAPPENED? State data privacy regulations are continuously evolving to catch up with the ever-increasing risks to consumers on the web. In recent months, 16 states introduced or continued processing laws that, if passed, will protect consumer data and hold companies accountable for [...]
Kaseya Attack: What You Should Know and How You Should Respond WHAT HAPPENED? It was recently discovered that Kaseya’s VSA software had an unknown, zero-day vulnerability in the software which was exploited for an attack. The software is used by managed service providers (MSPs) and their clients for remote [...]
Cisco ASA & Firepower Threat Defense Vulnerability Exploited WHAT HAPPENED? On June 24, 2021, a cybersecurity firm published a Proof of Concept (PoC) exploit on Cisco's Adaptive Security Appliance, showing security weaknesses in the software. While PoC’s are intended for information sharing and not for harm, the published vulnerability [...]
Phishing Warning: Virginia State Corporation Commission Issues Alert WHAT HAPPENED? On June 24, 2021, the Virginia State Corporation Commission’s Division of Securities and Retail Franchising (the Division) issued an alert to registered investment advisers of an ongoing phishing campaign whereby the attackers claim to be from the Division.Like most phishing attempts, [...]
DarkSide, Ransomware, and the Colonial Pipeline Attack: 8 Practical Ways to Lock Down Your Data WHAT HAPPENED? When bad actors initiated a ransomware attack on the Colonial Pipeline network earlier this month, panic-struck consumers emptied gas pumps across the Southeast. The pipeline, a critical infrastructure resource, ultimately paid attackers [...]