January 26th, 2025

Hunter Biden Laptop Data Available on Internet – with Additions and Modifications
US Needs to Be More Aggressive in Countering Chinese Hacking
CMMC Q&A
What is the Future of TikTok
Toronto School Board Says 40 Years of Student Data Compromised in PowerSchool Breach
SonicWall SMA1000 AMC and CMC Users – Patch Now
The Downside of Being Breached – Powerschool Faces 23 Lawsuits Seeking Class Status
President Fires Cyber Safety Review Board
Financial Institutions in EU Have New Cyber Rules Called DORA
President Signs EO to Study Creating a Cryptocurrency Reserve
Melania Launches memecoin, Tanks Trump’s – Crypto Bros Wondering What Gives
Fintech ‘Willow Pays’ Breach Revealed Financial Information of 241,000
Ongoing “Service Interruption” at Government Contractor Conduent Impacts Benefits
Texas Investigates Insider Breach, Theft of Benefits Funds
Hackers Steal 400 GB of Data from American Standard
US Defense Contractor Stark Aerospace Hacked by INC Ransom Group

Security News Bites for the Week Ending January 24th, 2025

This week’s news bites include: great AI tool with a large dose of Chinese propaganda and
censorship, Chinese behind massive SMS spam scams, president pardons Ross Ulbricht, founder of Silk Road, administration tells Democrats on intelligence oversight board to resign
and the war against Meta in Europe continues.

Read details here.

If you don’t have an effective data retention policy you could wind up in the same boat
that PowerSchool is in. They retained 40 years of student data from tens of millions of
students and it is all now available for sale. Consider whether the risk from keeping the
data is worth the value. Need help creating an effective data retention program – please
contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]

January 19th, 2025

Let’s Encrypt to Start Issuing “Short Lived” Certificates
FBI Racing to Safeguard Identities of Confidential Informants After AT&T Breach in April
Hackers Leaked Configs and VPN Credentials for 15,000 FortiGate Devices
CMMC Q&A
Fortinet Confirms New Zero-Day Being Exploited
US Actually Arrests Russian Nationals for Running Crypto Mixers
BitMEX Fined Another $100 Million for Ignoring US Securities Laws
What Involvement Should the Board Have in Cyber Breach Response
Over $2 Million Stolen by Fake Job Scammers
Allstate Being Sued by Texas AG for Illegally Collecting and Selling Data on 45 Million
Hackers Steal, Publish Data from D.C. Police Including Gang and HR Data

Security News Bites for the Week Ending January 17th, 2025

This week’s news bites include Is TikTok for sale? Maybe, are all US mail cluster boxes keyed
the same, if you think China’s cybersecurity is better than ours – it is not, the Supremes killed
TikTok and federal contractors need to take special actions regarding the TikTok ban.

Read details here.

Check out the article in education above. Does your board, private or public, have the
knowledge it needs to perform its role as described by the partners at Alston & Bird? If
not or even if you think they just need a refresher, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]

January 12th, 2025

Vendor Lies About Encrypting Your Data in Their Cloud
CMMC Q&A
China Sanctions US Companies in Prep for Next Administration’s Sanctions
Will Facebook Become the Next Social Media Dumpster Fire?
SonicWall Says Patch Exploitable SSL VPN Bug Now!
Is the FBI’s Dream of No Encryption (Finally) Dead in the Water?
Russia May Have Stepped in a Pile of Doo-Doo This Time
K-12 Software Maker PowerSchool Compromised Data on 50 Million Children
Weed Dispensary STIIIZY Warns of Leaked Data After Breach

Security News Bites for the Week Ending January 10th, 2025

This week’s news bites include: New Orleans truck terrorist used Meta Ray-Bans to surveil
French Quarter, Oath Keepers and American Patriots III data released in insider attack, UN
passes flawed cybercrime treaty; US unlikely to ratify it, is DoD doing enough to protect
communications and license plate readers as a global surveillance tool.

Read details here.

The FBI has dramatically changed its position on encryption of communications. They
are now saying everything should be encrypted end-to-end. If you are wondering, based
on the recent Salt Typhoon attacks, whether your communications are safe, please
contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]

January 5th, 2025

The Department of Commerce May Ban Chinese Drones
Dark Web Service: Bypass “Know Your Customer (KYC)” Checks
Follow Up to Last Week’s Item on a Russian Tanker Severing Cables Off Finland
If You Installed Windows 11 24H2 via CD or Flash … Read This
Is That Bug Exploit Code Written by an AI?
Active Directory Bug Can Crash Any Server and Domain Controller
Tenable is Following in CrowdStrike’s Footsteps
DoJ Releases Final Rule of US Sensitive Personal Data and Government-Related Data
Federal Dept. of Health & Human Services Proposes New Cybersecurity Requirements
Insider Threat
Linux Users Join the BootKit Malware World
Eyecare Firm Care1 Exposes 2.2 Terabytes of Patient Data
New Victim in BeyondTrust Hack – US Treasury Department
NY Hospital Attack Impacts 670,000

Security News Bites for the Week Ending January 5th, 2025

This week’s news bites include: feds arrest US soldier in AT&T, Verizon+ hacks, AT&T, Verizon
say they finally removed Chinese hackers from their networks, Do Kwon, mastermind of
Terraform Labs $40 billion scam extradited to the US, vehicle borne attacks in New Orleans and
Las Vegas – are you liable and Chinese spies who hacked Treasury went after OFAC officials.

Read details here.

Given the recent attack on Treasury and a bunch of other recent attacks, are you sure
your supply chain is secure?

If you have to comply with CMMC, now is the time to kick your program into overdrive.

If you need help with either of these areas, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]