While ransomware variants like GandCrab, Ryuk, and WannaCry have received a lot of attention and cost their victims significant amounts of money, these attacks are rarely accompanied by a credible threat to expose sensitive data. These threat actors are able to monetize their attacks with the extortion payments alone. However, a variant known as Maze (or ChaCha) could change that equation.
Read more »Data Privacy & Cybersecurity
-
Threat Intelligence: Maze Ransomware Variant Posted on: December 09, 2019 In: Data Privacy & Cybersecurity
-
‘Tis The Season: Online Shopping Tips Posted on: December 02, 2019 In: Data Privacy & Cybersecurity
Online shopping is a great way to save time and money, especially over the holidays. However, it can leave you – and your information – vulnerable to malicious actors ready to exploit holiday shoppers. Make your data privacy a priority this holiday season by taking time for some simple cybersecurity-related precautions.
Read more »
-
Legislative Alert: California Expands Definition of Personal Information Posted on: November 01, 2019 In: Data Privacy & Cybersecurity
On October 11, 2019, California Governor Gavin Newsom signed into law Assembly Bill 1130, which amends The Information Practices Act of 1977, as well as California Civil Code §§ 1798.29, 1798.81.5 and 1798.82. The bill expands the definition of “personal information” under the California data breach notification statutes applicable to businesses and to government agencies.
Read more »
-
Keeping the Creeps Off Your Computer: Tips to Avoid Scareware & Scare Scams Posted on: October 29, 2019 In: Data Privacy & Cybersecurity
Halloween is a great time to masquerade as your favorite supernatural or otherworldly character, generating harmless screams and candy. Not so harmless is the fear that scammers create by pretending to know something about you or your cyber system in order to scare you into sending them money.
Read more »
-
Amendments to the California Consumer Privacy Act Signed Into Law Posted on: October 25, 2019 In: Data Privacy & Cybersecurity
As we near the January 1, 2020 effective date of the California Consumer Privacy Act (CCPA), the California legislature has passed seven amendments to the expansive privacy statute: AB 25, 874, 1130, 1146, 1202, 1355, and 1564. Notably, the amendments alleviate some business concerns by expanding a business’ ability to verify consumer requests under the CCPA.
Read more »
-
Illinois Amends Student Online Personal Protection Act, Adding Data Breach Notification Provisions Posted on: September 17, 2019 In: Data Privacy & Cybersecurity
On August 23, 2019, Illinois Governor J.B. Pritzker signed into law the Student Online Personal Protection Act of 2019 (SOPPA). Amending the previous version of SOPPA, this ambitious legislation gives parents greater control over student data, imposes new breach notification requirements, and regulates the collection and use of student data.
Read more »
-
Ransomware Attack Trends: Tips for Prevention & Response Posted on: September 09, 2019 In: Data Privacy & Cybersecurity
Ransomware continues to cause severe disruptions and the loss of critical data within business information systems. It is also leveraging the use of certain providers and tools to increase its devastation and profit.
Read more »
-
Business Email Compromises: Tips for Prevention & Response Posted on: September 03, 2019 In: Data Privacy & Cybersecurity
Malicious attackers continue to use email platforms for nefarious purposes. The resulting email account compromises can present multiple dangers to a business, including to the basic security of its network and sensitive information, and the malicious use of secondary sources of money.
Read more »
-
Legislative Alert: New York Expands Data Breach Obligations for Credit Reporting Agencies Posted on: August 15, 2019 In: Data Privacy & Cybersecurity
New York Governor Andrew Cuomo has signed into law Senate Bill S3582, which further expands obligations owed to consumers when a data security breach affects a credit reporting agency.
Read more »
-
Legislative Alert: New York Amends Its Data Breach Notification Law Posted on: August 12, 2019 In: Data Privacy & Cybersecurity
New York Governor Andrew Cuomo signed into law the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, Senate Bill 5575B/Assembly Bill 5635B. The SHIELD Act updates the state’s existing data breach notification law, N.Y. Gen. Bus. Law § 899-aa, and creates a new section, § 899-bb, requiring reasonable data security for “private information” and granting enforcement powers to the attorney general against non-compliant entities.
Read more »
-
Shutting Down the Factory: Why the Manufacturing Sector Must Pay More Attention to Cyber Attackers Posted on: July 23, 2019 In: Data Privacy & Cybersecurity
On any given day, the manufacturing business is fraught with challenges, from supply chain issues to personnel matters, pricing strategies, competition, and customer acquisition. The last thing a company needs or wants is to be a target in the crosshairs of overseas criminals who treat the company’s operating capital as a piggy bank to be cracked open.
Read more »
-
Ransomware Reminders: Implementing Best Practices & Avoiding the Biggest Mistakes Posted on: June 27, 2019 In: Data Privacy & Cybersecurity
Ransomware continues to ravage systems across the globe in part because, unlike more typical malware, its lifespan on a computer is incredibly short. Recent strains like Ryuk and BitPaymer encrypt files and deliver their ransomware messages within seconds of appearance on a victim’s computer, leaving little time for detection and defense. The FBI recently alerted data security professionals worldwide to be aware of yet another new variant – this one called RobbinHood – that follows similar attack vectors.
Read more »