Tag Archives: CISA

Privacy Tip #250 – Beware of Vishing

The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert warning the public about vishing campaigns [see related post]. Vishing is defined by the FBI as “a form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial … Continue Reading

U.S. Organizations Doing Business in China Warned of Malware in Tax Software

The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Flash Alert to U.S. based businesses doing business in China about a remote targeting campaign whereby the tax software that Chinese domestic banks require foreign companies to install is loaded with malware. Trustwave researchers warned in June … Continue Reading

SEC Issues Warning for Advisors and Broker-Dealers on Increased Ransomware Attacks

On July 10, 2020, the Securities and Exchange Commission, through its Office of Compliance Inspections and Examinations (OCIE), issued a warning to advisors and broker-dealers to “immediately” review their cybersecurity controls to prevent and respond to an increase in phishing campaigns and ransomware attacks. The Risk Alert advises that the OCIE has “observed an apparent … Continue Reading

Cybersecurity Considerations for Drones

The Federal Aviation Administration (FAA) estimates that by 2023 there will be more than 835,000 commercial drones in the United States. As the use of drones for many commercial purposes (such as aerial inspections, utility projects, monitoring real estate and construction activities) increases, more and more organizations will consider how to integrate these devices into … Continue Reading

URGENT/11 Cybersecurity Vulnerabilities Could Affect Medical Devices and Hospital Networks

On the heels of an FDA committee report concerning cybersecurity issues with medical devices [view related post] the U.S. Food and Drug Administration (FDA) issued an alert regarding cybersecurity vulnerabilities, referred to as “URGENT/11,” that could introduce risks for some medical devices and hospital networks. According to the FDA’s October 1st notice, the URGENT/11 vulnerabilities … Continue Reading

Can You Really Protect Against Ransomware?

We’ve written a few times recently about municipalities, companies, and government agencies hit with ransomware attacks this year. In early July, it was reported that a court system in Georgia was attacked with ransomware, causing lawyers, court employees and the public to have to rely on “old school” paper to file pleadings and keep the … Continue Reading
LexBlog