Category Archives: Cyber

Mark Zuckerberg requested to testify to Congress about Facebook/Cambridge Analytica Privacy

The Washington Post reported that there was an official request for Mark Zuckerberg to testify at the House Energy and Commerce Committee since the Committee believes the “CEO of Facebook, he is the right witness to provide answers to the American people. We look forward to working with Facebook and Mr. Zuckerberg to determine a …

Cyberintrusions by Russia put US power infrastructure in jeopardy!

The Washington Post reported that “Since at least March 2016… Russian hackers have ‘targeted U.S. government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.’”  The March 16, 2018 report entitled “Why Russian hackers aren’t poised to plunge the United States into darkness” includes this …

Yahoo’s ToS limitations of liabilities challenged in Cyberbreach of 3 billion users!

Reuters reported that Judge Lucy Koh ruled that “the plaintiffs could try to show that liability limits in Yahoo’s terms of service were “unconscionable,” given the allegations that Yahoo knew its security was deficient but did little.” The March 12, 2018 article entitled “Data breach victims can sue Yahoo in the United States” included these …

Tax phishing attacks lead to theft of millions of passwords at Office365 (think Microsoft)!

Darkreading.com reported a “new wave of phishing attacks aims to dupe users and steal their passwords by disguising malicious emails as tax-related notifications from the IRS.” The March 2, 2018 report entitled “Millions of Office 365 Accounts Hit with Password Stealers” included these comments: Barracuda Networks last month flagged a “critical alert” when it detected …

Equifax only had $75M in cybersecurity insurance but expect claims of at least $275M!

Reuters reported that Equifax’s 2017 cyber incident where +147M consumers’ data was stolen included “costs mainly reflect technology and data security upgrades, legal fees, and free identity theft protection and credit monitoring offered to the more than 147 million consumers affected by the cyber security incident.”  The March 2, 2018 report entitled “Equifax expects $200 …

What took the SEC so long to adopt Cybersecurity Disclosure requirements?

The Securities and Exchange Commission (SEC) Chairman Jay Clayton announced the SEC’s approval of the “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” under which “the disclosure requirements under the federal securities laws that public operating companies must pay particular attention to when considering their disclosure obligations with respect to cybersecurity risks and incidents.” …

Cybersecurity threats targeted at State elections?

The Washington Post wrote an article that “State officials have been scrambling to address vulnerabilities in their systems, particularly since the fall, when the Department of Homeland Security disclosed the attempts on the 21 states. Though it is not believed there were further attacks, experts say Russian operatives may have been laying the groundwork for …

New US Attorney has extensive Cybersecurity experience!

TexasLawyer.com recently interviewed Erin Nealy Cox (US Attorney for the Northern District of Texas since November 2017) who described her “…expertise in cybersecurity will help me identify and communicate the threats to the affected communities so they can understand and craft solutions needed to defend themselves; and it will help me ensure that my prosecutors …

Watch Out! Cyberattack scams the FBI impersonating the Internet Complaint Center (IC3)!

Darkreading reports that there has been a new cyberattack at the FBI Internet Crime Complaint Center (IC3) which “scams people into providing personal data and downloading malicious files by impersonating the”… IC3…which is “intended to give the public a reliable means of reporting suspected illegal activity online.”  The February 2, 2018 report entitled “Cyberattack Impersonates …

Cybersecurity Software: Kaspersky Lab filed a lawsuit against US government to enjoin federal ban!

Darkreading reported that Kaspersky Lab filed a motion for injunctive relief against the Department of Homeland Security’s ban which has “caused considerable reputational damage and loss of sales to the company in North America. The debarment has precluded Kaspersky Lab from doing business with the US federal government, while hurting its consumer and commercial business …

Did you know that Artificial Intelligence (“AI” aka Machine Learning “ML”) is critical in Cybersecurity?

Darkreading’s recent article identified goals of using ML in Cybersecurity “To make a broad statement, we are trying to use ML to identify malicious behavior or malicious entities; call them hackers, attackers, malware, unwanted behavior, etc. In other words, it comes down to finding anomalies.”  The January 11, 2018 article entitled “AI in Cybersecurity: Where …

You don’t want to hear this - Chip makers confess that every computer in the world is at cyber risk!

Every single computer (including cells, tablets, PCs, & servers) has a Central Processing Unit (CPU) made by Intel, AMD, & ARM and security experts found “two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers and servers running in so-called cloud computer networks.” …

Of course, testing is 1 of the 5 easy steps to beat Ransomware!

Unitrends issued a white paper which stated that “the truth is that all industries are vulnerable to ransomware. Email, databases and business applications run on similar infrastructure and operating systems across all industries.”  The white paper was entitled “Beat Ransomware in 5 Easy Steps, Be Prepared to Fight or Be Prepared to Pay” included these …

Note to Ransomware Criminals – North Carolina Counties will not pay ransom…so go elsewhere!

The New York Times reported that Mecklenburg County, North Carolina (which includes the city of Charlotte) refused to “pay a $23,000 ransom to a group of hackers who seized control of several government computer systems” and the County was operating without “the internet, civil servants were doing their jobs using “paper processes.””  The December 6, …

Are you kidding me? Only 15% of US companies have insurance for their data!

One might conclude it makes a lot of sense to insure business data after considering Tableau’s report that included Ponemon’s estimate that the “average total cost of a data breach was estimated at $3.62 million.”  The December 2017 report entitled “2018 Top 10 Business Intelligence Trends” included the #5 Rise of the Chief Data Officer …

Uber paid a ransom to hackers who stole 57 million Uber records last year!

The New York Times reported that Uber fired its security officer after “two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data.” The November 21, 2017 report entitled …

FBI recommends two-factor authentication & training to thwart Spearphishing!

Among a number of recommendations to avoid Spearphishing (aka Business Email Compromise – BEC) the FBI recommends that “employees to use two-factor authentication to access corporate e-mail accounts.” The November 14, 2017 FBI News Report entitled “FBI Tech Tuesday—Digital Defense Against Business E-mail Compromises” included this advice about training employees to: watch for suspicious requests, …

100% of businesses affected by mobile malware (think BYOD)!

Darkreading reported that every “business with BYOD and corporate mobile device users across the globe has been exposed to mobile malware.”  The November 17, 2017 report entitled “Mobile Malware Incidents Hit 100% of Businesses” included these comments: …BYOD devices are usually more susceptible to attack than corporate devices because they are not managed by such …

Whoa! Did you know that Equifax claims to own your data?

In testimony before the US Senate we hear that “Equifax, and not consumers, that owns all the granular data collected about them, and that consumers cannot request to exit the company’s files.”  The Washington Post’s report on November 8, 2017 entitled “Equifax says it owns all its data about you” started with the comment that …

Think twice before relying on search engine results since they may have MALWARE links!

Darkreading reported that criminals are “using Search Engine Optimization (SEO) to populate search results with malicious links and distribute the Zeus Panda Banking Trojan through a compromised Word document.”  The November 3, 2017 article entitled “Hackers Poison Google Search Results to Deliver Zeus Panda” included these comments: SEO enables hackers to make their links more …

Watch out!! “Mobile Messaging Apps” are the new home for the Dark Web!

Darkreading reported that “mobile messaging apps are rising in favor as the newest Dark Web alternatives that crooks have landed upon to do business with one another.” The October 26, 2017 report entitled “Dark Web Marketplaces’ New Home: Mobile Messaging Apps” has the subtitle “Telegram, Discord, Whatsapp grow in popularity as criminals look for more …

Over 1 billion views of RT (Russian News channel) on YouTube since 2013!

The New York Times report is about “723 Internet Years Old” (think 4 human years) that a YouTube VP joined a state-backed Russian news channel “RT anchor in a studio, where he praised RT for bonding with viewers by providing “authentic” content instead of “agendas or propaganda.””  The October 23, 2017 report entitled “Russia’s Favored …

Did Facebook delete Russian bought ads because of a bug?

The Washington Post wrote that Facebook “it has merely corrected a “bug” that allowed [Jonathan] Albright, who is research director of the Tow Center for Digital Journalism at Columbia University, to access information he never should have been able to find in the first place.”  The October 12, 2017 article entitled “Facebook takes down data …

Google confesses that Russia bought Google Search and YouTube ads to influence the 2016 election!

The Washington Post reported that Google admitted that it “found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search, Gmail, and the company’s DoubleClick ad network.” The October 9, 2017 report …