GovInfoSecurity.com reported  “A hacking group the Ukrainian government says is a unit of Russian intelligence attempted earlier this year to compromise a large petroleum refining company based inside a NATO member, new research charges.” A December 20, 2022 report entitled “Russian Hackers Targeted Oil Refinery Firm in NATO Country” (

Continue Reading Russians cyber attacks target a NATO petroleum refinery!

DarkReading.com reported that Microsoft issued a report about “this new botnet is used to launch distributed denial-of-service (DDoS) attacks on Minecraft servers, which might sound like kid stuff. But enterprises should take note because of the botnet’s ability to target both Windows and Linux devices, spread quickly, and avoid detection, the Microsoft

Continue Reading Watch out for DDoS on Minecraft servers!

HealthCareInfoSecurity.com reported “Federal regulators slapped a California dental practice with a $23,000 fine and corrective action plan after its owner responded to negative Yelp reviews by posting patient data online.”  The December 14, 2022 article entitled “Dental Practice Hit With HIPAA Fine for Posting PHI on Yelp” (https://tinyurl.com/2p9b4acn)

Continue Reading Yelp postings leads to an OCR fine for posting PHI and violating HIPAA!

BankInfoSecurity.com reported that “U.S. federal law enforcement arrested four members of a business email conspiracy and credit card fraud ring, alleging they collectively tricked legitimate businesses into enriching them by $9.2 million.”  The December 9, 2022 report entitled “US Law Enforcement Arrests 4 for Business Email Compromise” (https://tinyurl.com/wsfb39vj)

Continue Reading Business Email Compromise (BEC or Spearphishing) continues to grow!

HelpNetSecurity.com reported that Rackspace disclosed that “on Friday, December 2nd, 2022, we became aware of suspicious activity and immediately took proactive measures to isolate the Hosted Exchange environment to contain the incident. We have since determined this suspicious activity was the result of a ransomware incident,…”  The December 6, 2022

Continue Reading Ransomware attack caused Rackspace outage!

HealthInfoSecurity.com reported “Federal regulators warned healthcare entities over commercial web traffic trackers embedded into patient portals, saying their use may violate patient privacy law.”  The December 1, 2022 report entitled ” HHS: Web Trackers in Patient Portals Violate HIPAA” (https://tinyurl.com/y4fdbpfk) included these comments:

A Department of Health and

Continue Reading Are your web trackers violating HIPAA?

DataBreachToday.com reported that “…the dumped database says it includes the 5.4 million users’ usernames, display names, bios, locations, email addresses and phone numbers. The attacker amassed the data by exploiting APIs tied to the “let others find you by your phone” feature.”  The November 28, 2022 report entitled ” Cybercrime

Continue Reading 5.4Million Twitter Users’ Data Posted Online for free!

HealthCareInfoSecurity.com reported that “Total losses tied to business email compromise theft domestically and internationally totaled $43.3 billion from June 2016 through December 2021, according to the most recent FBI Internet Crime Complaint Center annual report (https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf).” The November 19, 2022 report entitled ” DOJ Charges 10 With BEC

Continue Reading Since 2016 there has been more than $43B in Spearphishing (aka Business Email Comprise) attacks!

DarkReading.com reported that “Organizations are struggling with mounting data losses, increased downtime, and rising recovery costs due to cyberattacks — to the tune of $1.06 million in costs per incident. Meanwhile, IT security staffs are stalled on getting defenses up to speed.” The November 17, 2022 article entitled “Zero-Trust Initiatives Stall, as

Continue Reading Cyberattacks now cost at least $1M per incident!

DataBreachToday.com reported that “Bankrupt cryptocurrency exchange platform FTX says unsanctioned actors made off with customers’ digital assets, initiating a scramble to cut off digital wallets from the internet.”  The November 14, 2022 report entitled “’Unauthorized Transactions’ Lead to Missing Funds at FTX” (https://tinyurl.com/4jnumzjy) included these comments:

FTX filed

Continue Reading FTX cryptocurrency bankruptcy began with “Unauthorized Transactions”!