Tag Archive: "cybersecurity"
-
2022 Cybersecurity Awareness Month at CLA!
Welcome to the 2022 Cybersecurity Awareness Month – “See Yourself in Cyber!”
-
Ransomware that Your Cybersecurity Insurance Can’t Cover
The latest alert from various US government agencies through the Cybersecurity & Infrastructure Security Agency (CISA) warns that actors affiliated with Iran’s Islamic Revolutionary Guard Corps are targeting vulnerabilities in Fortinet networking equipment and Microsoft Exchange email software. Like other threat actors, they leverage vulnerabilities to deploy tools and encrypt systems and exfiltrate data, creating significant business interruption and consumer risk, while demanding a large ransom payment.
-
Lloyd’s to Exclude Nation State Attacks from Cyber Insurance Coverage
Earlier this month, Lloyd’s of London announced in a market bulletin that they will cease their nation state attack insurance coverage beginning in April 2023. While there is a growing demand for cyber liability insurance as cyber-attacks grow in frequency, severity, and sophistication, Lloyd’s identifies cyber related insurance as an evolving risk for their business.
-
Education Sector Being Targeted for Cyber Attacks
Back to school apparently also applies to hackers. Educational institutions are currently being targeted for ransomware attacks. The FBI, Cybersecurity & Infrastructure Security Agency (CISA) issued a warning on September 6, 2022 about the increase in ransomware attacks by hacking group Vice Society. This group has been using compromised credentials to exploit internet-facing applications to gain access, explore the network, exfiltrate sensitive student data and deploy ransomware. In the past, we have seen this disruptive activity lead to classes being cancelled, exams being delayed, to schools being shut down permanently.
-
Cybersecurity Education Series for Nonprofits – Security Basics
Please check out the post below written by Javier Young where he highlights how to protect your hard drives, hardware and software decommissioning, and device configuration. Cybersecurity Education Series for Nonprofits – Security Basics
-
Discord Users Beware of Server Hijacks
Users of the popular messaging platform Discord have been targeted recently with threat actors hijacking servers and stealing assets. This has been particularly problematic in the Non-Fungible Token (NFT) space where CLA’s incident response team has recently responded to a rash of NFT’s being compromised resulting in tremendous losses. These compromises have allowed threat actors to use legitimate accounts to announce fake drops or links, where participating victims end up losing assets in fake transactions. To evade detection, sometimes these announcements are made via direct message (DM) so others cannot see what is happening.
-
FBI-Ransomware Impacting Local Governments
The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) last week related to new and evolving cybersecurity threats. In particular, the FBI confirmed that ransomware attacks have been specifically targeted against local government entities. The impact could be “significant due to the Public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local government”.
-
Cybersecurity & Infrastructure Security Agency (CISA) Malware Alert (AA22 054A)
“Sandworm”, a Russian state-backed hacker group within the GRU (Russian military intelligence organization) has released new malware called ‘Cyclops Blink’….’Cyclops Blink’ can lead to a complete network compromise, by allowing attackers to gain access to the external perimeter firewall.
-
How the Events in Ukraine Could Impact U.S. Businesses
As we watch history unfold in the Ukraine, it’s important to think about how these events can impact you and your business. One way in which you could be impacted is by a cyber-attack. The Russian government has used cyber as a key component of their force projection over the last decade. The last week has seen an unprecedented level of disruptive activity including activation of the new “HermeticWiper” malware attack discovered on February 23. While these attacks are currently focused outside the US, it is generally believed that sanctions imposing on Russia by Ukraine’s western allies, including the United States may cause retaliatory cyber-attacks here in our homeland.
-
Gramm-Leach-Bliley Act (GLBA) Final Ruling Presentation
What is included in the final GLBA rule published on October 2021? How might this impact you? When does the rule take effect? We will be presenting on the updated rule at the Higher Education virtual conference on 2/22/22. Here is the link if you are interested. 2022 Higher Education Virtual Conference : 2022 : […]