Let us take time this week to thank current members of the military and all veterans for their service in protecting our country and democracy. As the daughter of a veteran, I am profoundly grateful to all of our service members who put their lives and families at risk every day, and those that forged

We previously reported on the unfortunate data breach suffered by 23andMe last month and its implications. We never imagined how horrible it could be.

According to an October 6, 2023, posting by Wired earlier that week, hackers involved with the 23andMe breach posted “an initial data sample on the platform BreachForums…claiming that it contained 1

The Cybersecurity & Infrastructure Security Agency (CISA), FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515.

According to the Alert, “this critical vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator

On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations.

According to the Alert, the cybercriminals behind NoEscape “have constructed their malware and its associated infrastructure entirely from scratch.” Offering Ransomware-as-a-Service, they

We have published blog posts before on sharing genetic information and the risk associated with the disclosure of such sensitive information.

Unfortunately, our concerns have been realized. On Monday, October 9, 2023, 23andMe confirmed that its investigation into a data security incident involving customer profile information shared through its DNA Relatives feature “was compiled from

The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch so organizations can identify, mitigate, and respond to an attack using the Snatch ransomware variant.

Snatch has been hitting the Defense Industrial Base (DIB)

I was talking to a client today about a security incident and the discussion turned to how threat actors are using increasingly more sophisticated ways to attack individuals and companies. She lamented that we know more than the average individual about how they implement attacks, but she worries about her mother, who is frequently online.

CISA released a blog post last week reminding software designers that artificial intelligence (AI) tools are software and that they “must consider the security of the customers as a core business requirement, not just a technical feature, and prioritize security throughout the whole lifecycle of the product, from inception of the idea to planning for