CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite repeated warnings by the Cybersecurity and Infrastructure Security Agency and the FBI that U.S.-based businesses are at an increased risk of a cyber-attack following
Cybersecurity and Infrastructure Security Agency
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of destructive malware that is being used to target organizations in Ukraine, with the ongoing warnings of increased cyber-attacks against U.S. organizations.
The malware, WhisperGate and HermeticWiper, is used to “destroy computer systems and render them inoperable.”…
Update on Apache log4j and Kronos Security Incidents
It was a crazy weekend for cyber-attacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that have maximum disruption on multiple victims, including third-party vendors and their customers. It is a “one-stop shop” strategy that is used every…
CISA Issues Guidance on Protecting Organizations’ Social Media Accounts
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued guidance on protecting the security of organizations’ social media accounts to reduce the risk of unauthorized access to those accounts.
The guidance, entitled The Capacity Enhancement Guide (CEG): Social Media Account Protection, provides tips for organizations to protect social media accounts from malicious cyber actors. CISA…
CISA Issues Binding Operational Directive on Patching Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued a Binding Operational Directive requiring all federal agencies to apply patches to new and old vulnerabilities that are being exploited in the wild.
The Directive, entitled Reducing the Significant Risk of Known Exploited Vulnerabilities, “establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant…
CISA Issues Guidance on Ransomware Attacks
Yesterday (August 25, 2021), the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack.
The fact sheet, entitled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches provides organizations with tips to prevent and respond to…
CISA Releases “Bad Practices” with Hope of Decreasing Cyber Blunders
The federal Cybersecurity and Infrastructure Security Agency (CISA) released a few cybersecurity “bad practices” this week to assist in decreasing the volume of knowable and preventable cyber mistakes. These bad practices are aimed at educating critical infrastructure owners and operators, as well as the defense industry and the organizations that support the supply…
Crippling Ransomware Attack on Pipeline Exposes Vulnerabilities in U.S. Critical Infrastructure
Colonial Pipeline, a company that transports more than 100 million gallons of gasoline and other fuel daily across 14 states from Houston to New York Harbor, shut down the pipeline last Friday after discovering ransomware on its computer systems. The FBI has blamed the attack on a ransomware group called DarkSide.
The hack reportedly began…
U.S. Organizations Doing Business in China Warned of Malware in Tax Software
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Flash Alert to U.S. based businesses doing business in China about a remote targeting campaign whereby the tax software that Chinese domestic banks require foreign companies to install is loaded with malware.
Trustwave researchers warned in June…
Cybersecurity Considerations for Drones
The Federal Aviation Administration (FAA) estimates that by 2023 there will be more than 835,000 commercial drones in the United States. As the use of drones for many commercial purposes (such as aerial inspections, utility projects, monitoring real estate and construction activities) increases, more and more organizations will consider how to integrate these devices into…