On May 30, 2022, Microsoft issued an alert regarding a vulnerability in its Microsoft Support Diagnostic Tool that can be exploited using Microsoft Office documents and results in the unauthorized installation of programs or access to data.The vulnerability evades common protections associated with Microsoft Office documents, requires minimal user interaction, and can be used by a remote attacker to execute arbitrary code, escalate privileges to fully take over a machine, or deploy additional malware.
Read more »Tag: ransomware
-
The “Follina” Vulnerability: Microsoft Support Diagnostic Tool Alert for Zero Day Exploit CVE-2022-30190 Posted on: June 27, 2022 In: Data Privacy & Cybersecurity
-
North Carolina Prohibits Ransom Payments by State and Local Government Agencies Posted on: June 24, 2022 In: Data Privacy & Cybersecurity
North Carolina made national headlines recently as the first state to prohibit state agencies and local government entities from paying a ransom following an attack. But N.C. Gen. Stat. § 143-800 goes one step further, prohibiting those entities from even communicating with a threat actor following an attack.
Read more »
-
UPDATE: Strengthening American Cybersecurity Act of 2022 Signed Into Law Posted on: March 28, 2022 In: Data Privacy & Cybersecurity
On March 15, 2022, the Strengthening American Cybersecurity Act, which includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law by President Biden, thereby creating new reporting requirements for critical infrastructure entities. Under the Act, entities considered to be critical infrastructure must notify the Cybersecurity and Infrastructure Security Agency within 72 hours of discovering a covered cyber incident and within 24 hours of a ransomware payment.
Read more »
-
Standing Up the Strengthening American Cybersecurity Act of 2022 Posted on: March 16, 2022 In: Data Privacy & Cybersecurity
The U.S. Senate unanimously passed the Strengthening American Cybersecurity Act on March 1, 2022. If signed into law, it would create an affirmative obligation for critical infrastructure entities across 16 federally designated critical infrastructure sectors, including energy and financial services, to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency.
Read more »
-
FinCEN Alert: Malware/Ransomware Updates & New Perimeter Device Vulnerability Posted on: March 08, 2022 In: Data Privacy & Cybersecurity
There have recently been a number of developments in cybersecurity due to the Russia/Ukraine conflict. The Financial Crimes Enforcement Network (FinCEN) released an alert on March 7 advising all financial institutions to be vigilant against efforts to evade sanctions imposed in connection with the Russian invasion of Ukraine. The primary focus of the alert appears to be eliciting cooperation of financial institutions in identifying hidden Russian and Belarusian assets.
Read more »
-
Russia-Ukraine Conflict: Ransomware Updates & Cybersecurity Consequences Posted on: February 28, 2022 In: Data Privacy & Cybersecurity
With cyberwarfare in the headlines due to the Russia-Ukraine conflict, it is another reminder that we must maintain a sense of urgency about our information security. We need to continuously harden our systems, which includes increasing the speed with which we implement software and operating system updates, deploying heuristic-based endpoint detection and response (EDR) tools, regularly conducting vulnerability scans, enhancing our logging and event management processes, and more.
Read more »
-
Cyber Extortion: Harvesting the Fruits of Business Email Compromises Posted on: February 25, 2022 In: Data Privacy & Cybersecurity
Business email compromises have long been the staple of online criminal activity. As they continue to enhance their ability to monetize unlawful access to email accounts, malicious actors are now accessing and downloading emails and attachments, as well as files stored in OneDrive and SharePoint platforms, and using the sensitive information to extort ransom payments from legitimate email account holders.
Read more »
-
OFAC September 2021 Advisory: Illusory Solutions to Soften the Enforcement Threat? Posted on: September 22, 2021 In: Data Privacy & Cybersecurity
On September 21, 2021, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an updated advisory on potential sanctions risks for facilitating ransomware payments. The sanctions have been authorized by the International Emergency Economic Powers Act and the Trading with the Enemy Act with the purpose of disrupting funding for malicious cyber activities and limiting activities that may be adverse to U.S. national security and foreign policy objectives.
Read more »
-
Backup, Separate, & Secure: White House Cyber Recommendations Reach the Private Sector Posted on: June 07, 2021 In: Data Privacy & Cybersecurity
On Wednesday, June 2, Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger released an open letter encouraging businesses within the private sector to adopt immediate protections against ransomware and other cybersecurity threats. The recommendations in the letter are helpful and highlight high-level lessons learned from the increasing frequency and severity of ransomware attacks.
Read more »
-
Expect the Best, but Prepare for the Worst: 5 Practical Steps to Take Before a Ransomware Attack Posted on: April 22, 2021 In: Data Privacy & Cybersecurity
Last month, we wrote about steps to take after experiencing a ransomware event. This month, as ransomware events continue to grow in number and severity, we now share the following five practical tips to implement before a ransomware event. These tips should help you bolster your defenses and reduce the havoc a ransomware attack can have on your business.
Read more »
-
ALERT: Microsoft Exchange Vulnerabilities Used to Deploy Ransomware Posted on: March 15, 2021 In: Data Privacy & Cybersecurity
On March 11, 2021, Microsoft acknowledged that the recently disclosed Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks. The four vulnerabilities – known as vulnerabilities CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065 – have been exploited by attackers to compromise systems beyond the Exchange server.
Read more »
-
You’ve Experienced a Ransomware Attack - Now What? 5 Practical Steps to Take In Response to a Ransomware Attack Posted on: March 11, 2021 In: Data Privacy & Cybersecurity
By now, most of you know that due to the COVID-19 pandemic and the shift to remote work, data security incidents increased both in number and severity in 2020 and show no signs of slowing down in 2021. What you may not know, however, is what to do when your business experiences a ransomware attack. This post details five steps your organization should take immediately to reduce the impact of the attack.
Read more »