********* FBI Warns of Holiday Scams The bad guys have a business plan, and YOU are their TARGET customer. Ad Phishing – Internet Crime Complaint Center (IC3) | Cyber Criminals Impersonating Brands Using Search Engine Advertisement The FBI is warning the public that cybercriminals are using search engine advertisement services to impersonate brands […]
Read MoreCategory: Cyber/Privacy
Schools Breached – Illuminate Education Breach is National
Illuminate Education Breach Notice Public and Charter schools impacted, learn which ones, and what brands of software. What occurred ? Illuminate education was breached. The illumination breach occurred between December 28th and January 8th. The extent of the breach appears substantial. Additional information continues to come to light. New York Schools Impacted. According to the […]
Read MoreMFA’s new enemy – Sim swap fraud
SIM card swap fraud You setup MFA, (Multi Factor Authentication) so you can get a security text. Awesome. You’re good right ? Well, not so fast…. Telephony thieves are stealing SIM Cards as a method to breach your important systems. These are the systems you made sure to protect with MFA. The methods they use […]
Read MoreNew York SHIELD Act the second anniversary
SHIELD – Now 2 Years Old !! The New York shield act quietly celebrated its second anniversary on March 21, 2022. Did you miss the anniversary ? Just as quietly as it became effective in March, 2020. Clearly overshadowed by COVID, the SHEILD act modifies the New York’s 2005 Information Security Breach and Notification Act […]
Read MoreHow dangerous is the The Apache Log4J vulnerability ?
How dangerous is the The Apache Log4J vulnerability ? How does a 10 out of 10 CVSS Severity level ( CVSS is an industry-standard vulnerability metric) “Various information security news outlets reported on the discovery of critical vulnerability CVE-2021-44228 in the Apache Log4j library (CVSS severity level 10 out of 10). Millions of Java applications use […]
Read MoreThe importance of MFA or 2FA, recent threats and public guidance
Recently, Microsoft released public guidance regarding a series of targeted attacks coordinated by the Russian linked hacking group Nobelium. Nobelium is the state sponsored group that is thought to have facilitated the massive attacks on the company SolarWinds that was first reported to the public in 2020. As we have seen with attacks of a similar nature, the action […]
Read MoreData Compromises for 2021 up 17pct over 2020
Data breach publicly reported through the first 3 quarters of 2021 are up 17% over the same period in 2020. According to the Identity Theft Center, a non profit focused on collecting such data since 2005. ITRC’s Q3 First Half Data Breach Analysis, the number of publicly-reported data compromises through September 30, 2021 has exceeded […]
Read MoreOctober is Cyber Awareness Month
Use this month to do a real check on your business or personal cyber awareness CISA has published a weekly checklist In 2021, CISA and NCSA will focus on the following areas in our promotions and outreach: Week of October 4 (Week 1): Be Cyber Smart. Week of October 11 (Week 2): Phight the Phish! Week of October 18 (Week […]
Read More