To file in the “no one is immune from a sophisticated attack,” category, well-known and respected security firm FireEye publicly announced this week that it has experienced an attack by a state-sponsored (which means a foreign government) hacking group, which successfully obtained its “red team tools.” This is very concerning, as the red team tools
Privacy Tip #263 – Fake Emails and Texts Spoofing UPS and FedEx
Cyber criminals are taking advantage of the increase in online holiday shopping due to the pandemic. They know people are buying gifts online and sending the packages to the recipients. Often, the recipients do not know they are receiving a gift as it is intended to be a surprise.
Cyber criminals have stepped up their
Embraer Data Leaked on Darkweb Website
Brazilian airplane manufacturer Embraer’s data have reportedly been uploaded on a dark web website hosted by ransomware group RansomExx (a.k.a. Defray 777) after Embraer reportedly refused to pay a ransom following a ransomware attack last month.
According to ZDNet, the hackers uploaded company files containing “samples of employee details, business contracts, photos of flight
Cyber Exposures Rise During Pandemic
Although it is logical that cyber-attacks have risen during the pandemic, and there is anecdotal evidence that it is occurring, including our own experience, an interesting new report was recently released by Allianz, which provides cyber-liability insurance products.
According to the report, “While the COVID-19 outbreak cannot be said to be a direct cause of
Ancestry.com Sued in Class Action for Using Data from Year Books
Ancestry.com (Ancestry) was sued on November 30, 2020, in a putative class action case filed in the Northern District of California for “knowingly misappropriating the photographs, likenesses, names, and identities of Plaintiff and the class; knowingly using those photographs, likenesses, names, and identities for the commercial purpose of selling access to them in Ancestry products
Privacy Tip #262 – More Holiday Shopping Tips
Holiday shopping has started in earnest following Thanksgiving. Statistics show that with the pandemic, more shopping will be done online this year than ever before. We provided some tips last week, but I had an opportunity since then to participate in an interview and a podcast on the subject and want to pass them along
Update: Ransomware—To Pay or Not to Pay
Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].
The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,
Baltimore County School District Hit with Ransomware Attack Right Before Thanksgiving
Baltimore County Public Schools shut down Monday and Tuesday following a ransomware attack that paralyzed the school system’s network last week right before Thanksgiving.
According to the Baltimore Sun, officials described the event as a “catastrophic attack on our technology system.” The ransomware attack is reported to have hit the entire Baltimore County Public Schools’
Responding to Cyber-Attacks in the Utility and Energy Sectors
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to respond to and recover from cybersecurity incidents in the utility industry.
Like other industries, the utility industry is at high risk for cyber-attacks
Home Depot Settles Data Breach Multi-state Enforcement Action for $17.5 Million
Home Depot has agreed to settle a multi-state enforcement action by 46 U.S. states and Washington, D.C. arising from the data breach that occurred in 2014. Home Depot has agreed to pay $17.5 million to put the enforcement action behind it. The investigation was led by the Attorneys General of Connecticut, Illinois and Texas.
The