You are here

Home

Cybersecurity

Breach Awareness – Cyber Attack on Third-Party Digital Records Vendor Impacts Local Governments Across Nation

StateScoop has written an article discussing the impacts of a cyberattack against Cott Systems, a nationwide digital records management vendor reportedly utilized by approximately 400 local governments across 21 states. On December 26th, the company alerted customers that they had detected “unusual activity” on internal servers and were taking their network offline. Cott Systems has not yet provided a recovery timeline for its customers, but states that no customer data appears to be affected.

Informational: Data Breach Notification Digest (January 5, 2023)

From time to time (more often, than not) data breaches are disclosed regarding widely used or well-known products, platforms, and organizations. Individually, each notice may seem less significant to report on in the sea of cyber threats and vulnerabilities, but nonetheless may be important for general awareness. Some data breaches may be associated with or an update to a prior cyber attack notification, such as data that was discovered/confirmed stolen after a ransomware attack.

Phishing, Ransomware, and other Threats Continued to Plague Email Security in 2022

Email security continues to challenge organizations large and small and remains one of the principal attack vectors in which threat actors gain access to a company before conducting further malicious activity, such as ransomware attacks. While security teams continuously combat email security with controls such as encryption and business email compromise protection, fundamentally, email security is about people.

Ransomware Awareness – New Extortion Tactic Uses Spoofed Website of Victim to Publish Stolen Data

ALPHV/BlackCat, one of 2022’s most notable ransomware menaces, continues to evolve its data extortion tactics in ongoing attempts to coerce victims into paying. The most recent tactic involves the group creating a replica of a victim’s website to publish stolen data openly on the internet. While the domain name and appearance of the website closely resembles the victim’s legitimate site, ALPHV uses its own directory structure to organize the leaked data.

Pages

Subscribe to Cybersecurity