April 28th, 2024

Kaiser Gave Data on 13 Million Customers to Microsoft, Google and Others.
CISA Releases “Cybersecurity Performance Goals” or CPGs for Critical Infrastructure and You
FCC Votes to Restore Net Neutrality
Biden Signs Extension to FISA Section 702
Europe’s Police Chiefs and Europol Urge Politicians to Ban End to End Encryption
Russia Sentences Meta Spokesperson Andy Stone to 6 Years in Absentia
Hedgey Finances Hacked for $44 Million
Cannes Hospital Cancels Procedures Following Cyberattack

Security News for the Week Ending April 19th, 2024

This week’s security news bites: HHS beefs up privacy protections for reproductive healthcare
info, RIng fined $5.6 mil after insiders compromised customer privacy, while Congress worries
about TikTok, website sells billions of Discord messages, FBI issues alert on cryptocurrency
money services businesses and FTC finalizes health breach notification rule (HBNR) rule
update.

Read details here.

Do you need to comply with CISA’s new Cybersecurity Performance Goals (GPGs)?
Agencies are starting to ask vendors for their current compliance and their plans to get
fully compliant. Need help getting compliant, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com

April 21st, 2024

Protecting WiFi Security Cameras from being Jammed
Smart Door Locks Are an Oxymoron
Duo Suffers Breach – Sort Of
DHS Breathes New Life into Software Bills of Material (SBOMs)
Ignore Security Researchers at Your Own Peril
House Passes FISA 702 Renewal Without Warrant Requirement
Crypto Trader Convicted of $110 Million Crypto Trade Exploit
Congress Bans Microsoft Copilot on Congress-Owned Devices
AI, Algorithms and Awful Humans
The Change Healthcare Double Extortion Breach Gets Worse
United Healthcare Says Ransomware Attack Cost $872 Million So Far
NY Governor Says Cyberattack on Legislative Systems is Holding Up State Budget
Five French Cities May Take Months to Recover from Cyberattack
Frontier Communications Hit by Cyberattack

Security News for the Week Ending April 19th, 2024

This week’s news bites: Administration announces preliminary agreement for new high tech chip
factories in Arizona, the risk of using hardware past its expiration date, Apple warns users in
150 countries of “mercenary spyware” attacks, US Space Force says it needs help from Musk
and Bezos and FBI warns of massive road toll SMS phishing attacks.

Read details here.

It sounds like the hackers are definitely getting into AI – making deep fake audio and
video to imitate your executive team and it is, in many cases, working. If you need help
fighting off the hackers, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com

April 12th, 2024

Insurance Companies Are Using Drones to Deny Claims and Drop Coverage
EV Charging Stations Are A Hot Target for Hackers
The Fourth Amendment IS for Sale – At Least for Now
DoD Acronym Reference
Intel Announces Gaudi 3 AI Chip
Google Offers New “Multi-Admin” Approval Feature for High Risk Changes
Microsoft’s Patch Tuesday Fixes 150 Security Bugs, 67 Remote Code Execution Bugs and Two Zero-Day Bugs, Oh My!
Critical Rust Flaw Affects Other Programming Languages Too
New Windows Driver Blocks Software From Changing Default Web Browser
Congress is Trying Again for a National Privacy Law
Senator Introduces Bill Requiring Hospital and Their Vendors to Implement Best Security Practices to Get Emergency Government Payments
Possibly the Largest Breach Ever
Third Party Risk – This Time it is a DoJ Vendor That Loses It
AT&T Data Breach ONLY 51 million Records, not 73 Million, according to the Company

Security News for the Week Ending April 12th, 2024

This week’s security news bites: feds give another chip maker subsidy to build in the US, MGM
says FTC can’t investigate them because FTC chair was a guest at the hotel, I can be had, but I
am not cheap, this is embarrassing – Mitre hacked – by well known bug and President issues EO
on personal data distribution to known adversaries.

Read details here.

Microsoft is not alone in having an inadequate security culture. After a breach, many
lawsuits focus on this lack of a security culture as a reason why they are suing and the
courts are beginning to agree. If your company could use some help, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com

April 5th, 2024

Energy Utilities Announce Plans to Proactively Turn Off Power During High Winds
NIST SP 800-171 Rev 3
AT&T Does Mass Password Reset
Phishing Campaign is Targeting Oil & Gas Sector
Microsoft To Unbundle Teams from Office
WordPress Flaw Affects One Million WordPress Sites
Impact of CMMC to Defense Contractors’ Choice of Vendors
FCC to Investigate Non-Security in Global Signaling System
Do Kwon and Terraform Labs Liable for $40 Billion Fraud
CISA Published New Webpage for High-Risk Communities
FixedFloat Crypto Exchange Hacked for Second Time in Two Months
Omni Hotels Suffers “IT Outage”
Nearly 1 Million Cancer Patient Records Stolen from City of Hope
City of Birmingham, Alabama Reverts to Paper

Security News for the Week Ending April 5th, 2024

This week’s news bites: DoD opens cyber policy office, to FISA or not to FISA – April 19th is the
data, automakers vs FCC fight over connected cars, Microsoft says China plans to disrupt
elections using AI and Google agrees to delete billions of records to resolve a lawsuit. Read the
details here.

Read details here.

If you are a defense contractor OR if you are a vendor to a defense contractor, you need
to understand the ramifications of DoD’s new requirements for EXTERNAL SERVICE
PROVIDERS. If you are not all over this, you need to be. If you don’t understand the
problem, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com