Cybersecurity Blog

More about Kadian Douglas

  • 813-384-2735

Kadian currently works with the Information Security Services Group as well as higher education group providing compliance services, outsourcing and co-sourcing engagements and information security assessments.

Blog Posts by Kadian Douglas:

  • Discord Users Beware of Server Hijacks

    Users of the popular messaging platform Discord have been targeted recently with threat actors hijacking servers and stealing assets.  This has been particularly problematic in the Non-Fungible Token (NFT) space where CLA’s incident response team has recently responded to a rash of NFT’s being compromised resulting in tremendous losses.  These compromises have allowed threat actors to use legitimate accounts to announce fake drops or links, where participating victims end up losing assets in fake transactions.   To evade detection, sometimes these announcements are made via direct message (DM) so others cannot see what is happening.

    Read More

  • FBI-Ransomware Impacting Local Governments

    The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) last week related to new and evolving cybersecurity threats. In particular, the FBI confirmed that ransomware attacks have been specifically targeted against local government entities.  The impact could be “significant due to the Public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local government”.

    Read More

  • How the Events in Ukraine Could Impact U.S. Businesses

    As we watch history unfold in the Ukraine, it’s important to think about how these events can impact you and your business.  One way in which you could be impacted is by a cyber-attack.  The Russian government has used cyber as a key component of their force projection over the last decade.  The last week has seen an unprecedented level of disruptive activity including activation of the new “HermeticWiper” malware attack discovered on February 23.  While these attacks are currently focused outside the US, it is generally believed that sanctions imposing on Russia by Ukraine’s western allies, including the United States may cause retaliatory cyber-attacks here in our homeland.

    Read More

  • Gramm-Leach-Bliley Act (GLBA) Final Ruling Presentation

    What is included in the final GLBA rule published on October 2021? How might this impact you? When does the rule take effect? We will be presenting on the updated rule at the Higher Education virtual conference on 2/22/22. Here is the link if you are interested. 2022 Higher Education Virtual Conference : 2022 : […]

    Read More

  • StopRansomware – New Website

    Ramsomware continues to be a high risk for organizations and the number of cases reported continue to increase. There are also those cases that are not reported. As you continue to develop your strategy for responding to these attacks, visit the newly formed government page at Stop Ransomware | CISA. If you would also like […]

    Read More

  • Preventing a Password Compromise

    Authored by Zoran Jovic

    Password compromise is one of the most serious threats organizations face today. Attackers are attempting to gain access to your credentials 24/7, and tailor many, if not most attacks with the main goal of gaining access to credentials. Once the attacker has a username and a password, they become an authenticated user with access to systems and applications! While it may be hard to expect you to never make a mistake, a combination of user awareness training and effective security controls can help minimize the risk of a compromise. Whether you already have implemented mitigating controls, or are just starting on your journey, CLA can help verify and enhance your security posture.

    Read More

  • Ransomware? – Tips to Mitigate Against Ransomware

    I presume that you are also aware of the most recent attack on one of the nation’s largest pipelines that carries gas from Texas to New York. This was also as a result of ransomware. On May 13, 2021 the National Institute of Standards and Technology (NIST) released some tips and tricks for dealing with ransomware.

    Read More

  • Change Your Password If You Use The ParkMobile Parking App – Your Information May Be Compromised

    The data for approximately 21 million customers who use the ParkMobile parking app has been compromised. If you use this app some of the potential information that is being sold right now includes your mailing address, license plate number, email address, passwords and phone numbers.

    Read More

  • Does Your Business Continuity & Disaster Recovery Plan Protect You In The Current Pandemic Environment?

    With the pandemic we have seen an increase in inquiry to assist with the development or review of business continuity plans (BCP) and Disaster Recovery plans (DRP). Business continuity focuses on your process for recovering critical functions, while disaster recovery is more narrow in focus and most times is a subset of your BCP.

    Read More

  • CLA Cybersecurity Alert: Microsoft Email Server Attack Update

    On March 2, Microsoft first announced a series of vulnerabilities that enabled hackers to break into the company’s Exchange email, calendar programs, and in some cases integrated voice messaging. China — among others — has allegedly used this vulnerability to spy on a wide range of industries in the United States ranging from medical research to law firms to defense contractors.

    Read More

Subscribe to Blog   

Protecting your data from cyber threats starts with confidentiality, integrity, and availability. CLA’s cybersecurity team understands the threats you face — and how to help keep your organization safe. Check back often to learn about risks, trends, IT security attack and defense, and mitigation and response techniques.