The lead story touches on child privacy laws, which are typically federal regulations and thus far more far-reaching than adult privacy laws, which are optional for states. There is also a wide range of email-based stories covering cost, attack vectors, and current campaigns.
General
- TikTok sued by Justice Department over child privacy violations impacting millions – There are a lot more controls around Child Privacy than the adult version, including a Federal regulation (COPPA) which has provisions for children under the age of 13.
- Email attacks skyrocket 293% – Plus, ransomware remains the top threat for small/medium organizations, and the supply chain continues to be a target.
- Average data breach cost jumps to $4.88 million, collateral damage increased.
- 4.6M Illinois voter records Data Exposed in 13 Misconfigured Databases.
Cyber Attacks
- Thousands of Devices Wiped Remotely Following Mobile Guardian Hack – Many of those impacted were from the education sector, as this vendor specializes in MDM solutions for this sector.
- A crafty phishing campaign targets Microsoft OneDrive users – This attack tricks users into executing a PowerShell script, which leads to their systems being compromised.
- Ransomware Hit on Florida Blood Center Affects Supplies
- Michigan hospital system struggles with cyberattack
- Hackers directly email customers of immigration firm after damaging cyberattack – At first you might think these were phishing emails, but they actually emailed the customers to pressure the company to pay the ransom.
- Dell, AT&T, Verizon, Capital One, and other companies exposed via popular office app – What apps are your staff members signing up for without your knowledge? What services are they signing up for with their organizational email address?
- New Jersey City University hacked by ransomware group demanding $700K
- Calibrated Healthcare Notifies Healthcare Patients of Recent Data Breach
Vulnerabilities, Malware, & Patches
- Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes – the malicious apps are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud.
- New Android Banking Trojan BingoMod Steals Money, Wipes Devices – more bad Android applications.
- Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains – This spoofing technique can bypass basic rule-based email filters.
- Phishing Attacks Can Bypass Microsoft 365 Email Safety Warnings
Phishy Phirewalls – the lighter side of security!
HopeNet (HopeNetCISO.com) reviews a variety of security news sources so you do not have to! The list below represents items relevant to churches, nonprofits, and other ‘Do Good’ Organizations. The headlines and our added comments are meant to provide enough for an overview of recent happenings, but links are also provided for readers who want to explore certain topics more deeply.