FederalRegister.gov posted that the “Federal Insurance Office (FIO) is seeking comments from the public on questions related to cyber insurance and catastrophic cyber incidents … on or before November 14, 2022.” The September 29, 2022 posting entitled “Potential Federal Insurance Response to Catastrophic Cyber Incidents” (https://www.federalregister.gov/documents/2022/09/29/2022-21133/potential-federal-insurance-response-to-catastrophic-cyber-incidents) included these comments:

Cyber insurance

Continue Reading Please submit your comments about Federal Insurance for Catastrophic Cyber Incidents!

HealthCareInfoSecurity.com reported “Cyberthreat actors exploiting medical device vulnerabilities adversely impact healthcare facilities’ operational functions, patient safety, data confidentiality and data integrity…”. The September 14, 2022 report entitled “FBI Warns of Cyberthreats to Legacy Medical Devices” (https://www.healthcareinfosecurity.com/fbi-warns-cyberthreats-to-legacy-medical-devices-a-20066) included these recommended steps from the FBI:

  • Using anti-malware software on an
Continue Reading Medical devices are targets for cyberattacks!

DarkReading.com reported that “Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.”  The September 13, 2022 report entitled “Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign” (https://www.darkreading.com/attacks-breaches/cyberattackers-abuse-facebook-ad-manager-credential-harvesting-campaign) included these comments:

According to a Tuesday report by the security research

Continue Reading Watch out for Cyberattackers at the Facebook Ad Manager!

DataBreachToday.com reported that “A web3 security company that offers smart contract audits to blockchain companies found itself on the receiving end of an exploitable flaw when two individuals stole hundreds of non-fungible tokens during the minting stage.” The September 6, 2022 report entitled “Smart Contract Auditing Firm Suffers Smart

Continue Reading Watch out for Smart Contracts since Smart Contract Auditing Firm was exploited!

HealthCareInfoSecurity.com reported that “An attacker stole $1.25 million worth of cryptocurrency from newly established decentralized finance protocol New Free DAO in a flash loan attack on Thursday. The thief has cashed out nearly half of the stolen funds so far.” The September 9, 2022 report entitled “$1.3 Million Stolen From

Continue Reading $1.3M stolen from a DAO!

BankInfoSecurity.com reported that “The latest edition of the ISMG Security Report discusses how ransomware-as-a-service groups are shifting their business models, how investigators battling cybercrime have been hindered by GDPR, and how employees consider workplace “choice” a key factor for job satisfaction.”  The August 25, 2022 article entitled “Are Ransomware-as-a-Service

Continue Reading Apparently Ransomware-as-a-Service (RaaS) Groups are in a decline.

My good friend Judy Greenwald reported for BusinessInsurance.com that “Lloyd’s of London will require standalone cyber policies to include state-backed cyberattack exclusions beginning in March 2023, it said in a market bulletin this week.”  The August 18, 2022 article entitled “Lloyd’s requiring state-backed cyberattack exclusions” included these comments

Continue Reading Cyberinsurance exclusions for State-Backed Cyberattacks!

DarkReading.com reported that “Organizations lack sufficient levels of cyber-insurance coverage to protect themselves in case of a ransomware attack, with just 14% of businesses with 1,400 or fewer employees boasting coverage limits above $600,000.”  The August 11, 2022 article entitled “Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage” included

Continue Reading Do you have adequate Ransomware Cyber Insurance Coverage?

BankInfoSecurity.com reported that the “…U.S. Federal Trade Commission today initiated a potentially years-long attempt to impose new data security and privacy regulations onto the American economy.” The August 11, 2022 article entitled “FTC Initiates Privacy and Data Security Rule-Making” included these comments from FTC Chair Lina Khan:

A

Continue Reading FTC planning to establish Privacy & Data Security Laws