As a Rhode Islander, I am a big fan of our former Governor and now Secretary of Commerce, Gina Raimondo. She has always had her eye on the ball of the rapidly developing data privacy and cybersecurity risks and threats to national security. She is showing her continued commitment to data privacy, cybersecurity, and the
Cybersecurity
Russian Military Cyber Actors Targeting Critical Infrastructure Sector
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning that cyber actors affiliated with the Russian military are targeting critical infrastructure, government services, financial services, transportation systems, energy, and healthcare sectors of NATO…
CISA, FBI + DC3 Alert Warns of Iran-Based Ransomware Attacks
The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Defense Cyber Crime Center (DC3) issued a joint alert on August 28, 2024, warning U.S.-based organizations that cyber actors, “known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm,” are targeting and exploiting U.S. organizations…
Industrial Sector Prime Target of Ransomware Attacks in Q2
Dragos issued its Industrial Ransomware Analysis for Q2 on August 14, 2024. The analysis shows that ransomware attacks significantly increased in Q2, with many ransomware groups disrupted by law enforcement rebranding themselves into new groups. For instance, BlackCat became inactive in March 2024 after being targeted by law enforcement in late 2023 but “recalibrated their…
Department of Defense’s Proposed Amendment to DFARS for Inclusion of Cybersecurity Maturity Model Certification in Contracts
Last week, the U.S. Department of Defense (DoD) released a proposed amendment to the Defense Acquisition Regulations Supplement (DFARS) that would require a Cybersecurity Maturity Model Certification (CMMC) program to become a required part of the DoD’s contracting process. The CMMC program is a DoD program that helps businesses meet security requirements for their work…
Details of State of Nebraska and DOJ Complaints Against TikTok
We have previously outlined the risks of using TikTok, the federal and state governments’ ban on it, and the national security risks it presents.
In doing so, we primarily focused on data privacy and security threats to TikTok users. Recently, Nebraska and the U.S. Department of Justice each sued TikTok directly for different allegations…
SharpRhino Malware Targeting IT Professionals
Information technology professionals—beware of SharpRhino—a malware variant attributed to threat actor cybercriminals associated with Hunters International. It is being reported that Hunters International is the “10th most active ransomware group in 2024.” Hunters International has “claimed responsibility for 134 attacks in the first seven months of 2024.” It has been linked to the defunct…
Convicted Russian Cybercriminals Part of Prisoner Swap
It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian prisoners. What is disturbing is that innocent individuals wrongfully convicted are being used to bargain for convicted individuals, including cybercriminals.
Krebs on…
Columbus, Ohio Hit with Ransomware Attack
The city of Columbus, Ohio, announced on May 29, 2024, that it was forced to take its systems offline due to a ransomware attack. According to its notice, the attack was perpetrated by “an established, sophisticated threat actor operating overseas,” and that it was working with law enforcement to investigate the incident.
According to…
Privacy Tip #408 – Russian Cybercriminals Get 69% of Ransom Payments
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the prisoner swap I was curious just how significant Russian cybercriminals play in cybercrime chaos.
According to Bleeping Computer, “Russian-speaking threat actors accounted…