Tag Archive: "#informationsecurity"
-
Discord Users Beware of Server Hijacks
Users of the popular messaging platform Discord have been targeted recently with threat actors hijacking servers and stealing assets. This has been particularly problematic in the Non-Fungible Token (NFT) space where CLA’s incident response team has recently responded to a rash of NFT’s being compromised resulting in tremendous losses. These compromises have allowed threat actors to use legitimate accounts to announce fake drops or links, where participating victims end up losing assets in fake transactions. To evade detection, sometimes these announcements are made via direct message (DM) so others cannot see what is happening.
-
FBI-Ransomware Impacting Local Governments
The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) last week related to new and evolving cybersecurity threats. In particular, the FBI confirmed that ransomware attacks have been specifically targeted against local government entities. The impact could be “significant due to the Public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local government”.
-
Gramm-Leach-Bliley Act (GLBA) Final Ruling Presentation
What is included in the final GLBA rule published on October 2021? How might this impact you? When does the rule take effect? We will be presenting on the updated rule at the Higher Education virtual conference on 2/22/22. Here is the link if you are interested. 2022 Higher Education Virtual Conference : 2022 : […]
-
Preventing a Password Compromise
Authored by Zoran Jovic
Password compromise is one of the most serious threats organizations face today. Attackers are attempting to gain access to your credentials 24/7, and tailor many, if not most attacks with the main goal of gaining access to credentials. Once the attacker has a username and a password, they become an authenticated user with access to systems and applications! While it may be hard to expect you to never make a mistake, a combination of user awareness training and effective security controls can help minimize the risk of a compromise. Whether you already have implemented mitigating controls, or are just starting on your journey, CLA can help verify and enhance your security posture.
-
Does Your Business Continuity & Disaster Recovery Plan Protect You In The Current Pandemic Environment?
With the pandemic we have seen an increase in inquiry to assist with the development or review of business continuity plans (BCP) and Disaster Recovery plans (DRP). Business continuity focuses on your process for recovering critical functions, while disaster recovery is more narrow in focus and most times is a subset of your BCP.