DarkReading.com reported that “Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.”  The September 13, 2022 report entitled “Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign” (https://www.darkreading.com/attacks-breaches/cyberattackers-abuse-facebook-ad-manager-credential-harvesting-campaign) included these comments:

According to a Tuesday report by the security research

Continue Reading Watch out for Cyberattackers at the Facebook Ad Manager!

DataBreachToday.com reported that “A web3 security company that offers smart contract audits to blockchain companies found itself on the receiving end of an exploitable flaw when two individuals stole hundreds of non-fungible tokens during the minting stag.”  The September 6, 2022 report entitled “Smart Contract Auditing Firm Suffers Smart

Continue Reading Watch out for Smart Contracts since Smart Contract Auditing Firm was exploited!

HealthCareInfoSecurity.com reported that “An attacker stole $1.25 million worth of cryptocurrency from newly established decentralized finance protocol New Free DAO in a flash loan attack on Thursday. The thief has cashed out nearly half of the stolen funds so far.” The September 9, 2022 report entitled “$1.3 Million Stolen From

Continue Reading $1.3M stolen from a DAO!

BankInfoSecurity.com reported that “The latest edition of the ISMG Security Report discusses how ransomware-as-a-service groups are shifting their business models, how investigators battling cybercrime have been hindered by GDPR, and how employees consider workplace “choice” a key factor for job satisfaction.”  The August 25, 2022 article entitled “Are Ransomware-as-a-Service

Continue Reading Apparently Ransomware-as-a-Service (RaaS) Groups are in a decline.

My good friend Judy Greenwald reported for BusinessInsurance.com that “Lloyd’s of London will require standalone cyber policies to include state-backed cyberattack exclusions beginning in March 2023, it said in a market bulletin this week.”  The August 18, 2022 article entitled “Lloyd’s requiring state-backed cyberattack exclusions” included these comments

Continue Reading Cyberinsurance exclusions for State-Backed Cyberattacks!

DarkReading.com reported that “Organizations lack sufficient levels of cyber-insurance coverage to protect themselves in case of a ransomware attack, with just 14% of businesses with 1,400 or fewer employees boasting coverage limits above $600,000.”  The August 11, 2022 article entitled “Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage” included

Continue Reading Do you have adequate Ransomware Cyber Insurance Coverage?

BankInfoSecurity.com reported that the “…U.S. Federal Trade Commission today initiated a potentially years-long attempt to impose new data security and privacy regulations onto the American economy.” The August 11, 2022 article entitled “FTC Initiates Privacy and Data Security Rule-Making” included these comments from FTC Chair Lina Khan:

A

Continue Reading FTC planning to establish Privacy & Data Security Laws

BankInfoSecurity.com reported that “The U.S. Federal Trade Commission is investigating the operators of a cryptocurrency platform that lost $200 million of investor funds in one of the biggest crypto cyberattacks of 2021.”  The August 11, 2022 report entitled “FTC Probes BitMart After $200M Theft at Crypto Exchange” included

Continue Reading FTC Investigating BitMart After $200M Crypto Theft!

BankInfoSecurity.com reported about BitMEX that “A high-ranking employee at a cryptocurrency exchange with U.S. operations has pleaded guilty to violating the Bank Secrecy Act [BSA]. The law requires financial institutions to help U.S. government agencies prevent money laundering.”  The August 9, 2022 article entitled “Fresh Guilty Plea Follows Crackdown

Continue Reading Bitcoin Mercantile Exchange (BitMEX) employee pleads guilty to violation of Bank Secrecy Act!