Cybersecurity

Informational: Data Breach Notification Digest (January 5, 2023)

From time to time (more often, than not) data breaches are disclosed regarding widely used or well-known products, platforms, and organizations. Individually, each notice may seem less significant to report on in the sea of cyber threats and vulnerabilities, but nonetheless may be important for general awareness. Some data breaches may be associated with or an update to a prior cyber attack notification, such as data that was discovered/confirmed stolen after a ransomware attack.

Read more about Informational: Data Breach Notification Digest (January 5, 2023)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 5, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 5, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 3, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

None

Alerts, Updates, and Bulletins:

None

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 3, 2023

Phishing, Ransomware, and other Threats Continued to Plague Email Security in 2022

Email security continues to challenge organizations large and small and remains one of the principal attack vectors in which threat actors gain access to a company before conducting further malicious activity, such as ransomware attacks. While security teams continuously combat email security with controls such as encryption and business email compromise protection, fundamentally, email security is about people.

Read more about Phishing, Ransomware, and other Threats Continued to Plague Email Security in 2022

Ransomware Awareness – New Extortion Tactic Uses Spoofed Website of Victim to Publish Stolen Data

ALPHV/BlackCat, one of 2022’s most notable ransomware menaces, continues to evolve its data extortion tactics in ongoing attempts to coerce victims into paying. The most recent tactic involves the group creating a replica of a victim’s website to publish stolen data openly on the internet. While the domain name and appearance of the website closely resembles the victim’s legitimate site, ALPHV uses its own directory structure to organize the leaked data.

Read more about Ransomware Awareness – New Extortion Tactic Uses Spoofed Website of Victim to Publish Stolen Data

In 2022 Ransomware Attacks Disrupted Over Two Hundred Local Governments and Other Organizations

During 2022, more than 200 organizations in the government, healthcare, and education sectors were compromised by ransomware in the U.S., a similar number of incidents to the previous year, according to cybersecurity company Emsisoft.

Read more about In 2022 Ransomware Attacks Disrupted Over Two Hundred Local Governments and Other Organizations

Security Awareness – Third Quarter of 2022 Saw the Most Phishing Attacks Ever Observed

Phishing attacks during the third quarter of this year were their highest number ever observed, according to a new report from the Anti-Phishing Working Group (APWG). The report, Phishing Activity Trends Report 3rd Quarter 2022, detected 1,270,883 total phishing attacks.

Read more about Security Awareness – Third Quarter of 2022 Saw the Most Phishing Attacks Ever Observed

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 29, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

None

Alerts, Updates, and Bulletins:

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 29, 2022

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 27, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

None

Alerts, Updates, and Bulletins:

None

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 27, 2022

VIP Impersonation Phishing Attack in Microsoft Office 365 targeted 100,000 Users

Security researchers at Amorblox recently published a report on a phishing impersonation attack in a Microsoft Office 365 environment that targeted 100,000 mailboxes at a large educational institution. The researchers were able to thwart the attack by using Natural Language Understanding, which is a type of artificial intelligence program.

Read more about VIP Impersonation Phishing Attack in Microsoft Office 365 targeted 100,000 Users

You are here

Cybersecurity

Informational: Data Breach Notification Digest (January 5, 2023)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 5, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - January 3, 2023

Phishing, Ransomware, and other Threats Continued to Plague Email Security in 2022

Ransomware Awareness – New Extortion Tactic Uses Spoofed Website of Victim to Publish Stolen Data

In 2022 Ransomware Attacks Disrupted Over Two Hundred Local Governments and Other Organizations

Security Awareness – Third Quarter of 2022 Saw the Most Phishing Attacks Ever Observed

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 29, 2022

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 27, 2022

VIP Impersonation Phishing Attack in Microsoft Office 365 targeted 100,000 Users

Pages

You are here

Cybersecurity

Pages

Footer Email Signup