Today is the “Mitigating Phishing and Ransomware Risks on your Journey to Cyber Wellness” webinar featuring experts from Benesch Friedlander Coplan & Aronoff LLP, Hylant Cyber Solutions, and Fortress Security Risk Management. It happens today at noon! bit.ly/3N6RX3w

NIST released a draft of version 2.0 of its Cybersecurity Framework last week, focusing on what it has been working on and which is meant to create “discussion to generate concrete suggestions for improving the Framework.” Give it a read! bit.ly/40NFSn3

Falling for a scam now could also cost you in the future. An online company that allegedly sells access to jobs at the USPS exposed its database of nearly 900,000 customers and for at least a year, an infostealer sent the data to cybercriminals in Russia. bit.ly/413DcSF

The dark web is a threat to your organization because you don’t know what you don’t know. Is your data exposed? How about compromised login credentials? Even if your cybersecurity is top-notch, consider having a cyber partner perform dark web monitoring. bit.ly/44mnNQ2

Cyber-attacks against cybersecurity providers are increasing. A recent extortion attempt against a Maryland-based firm had the hackers contacting the CEO’s wife and 5-year-old son, and other executives, to increase the pressure to pay the extortion demand. bit.ly/3Mk74pM

In case you couldn’t attend our last two webinars, “Achieving Cyber Wellness Amidst Third-Party Risk” & “Mitigating Phishing and Ransomware Risks on your Journey to Cyber Wellness,” they’re now available on demand on our website. View, learn, and be safe. fortresssrm.com/category/video…

More proof that all endpoints are vulnerable: bad actors are exploiting PaperCut printer servers against education facilities. Some of the attacks have led to data exfiltration and system encryption so make sure your PaperCut servers are patched! bit.ly/3Mntia4

“Living off the Land” is a cybersecurity term that describes using remote management tools in an attack to evade detection. Our latest blog post covers ways to mitigate the risk of attacks that utilize remote management tools. It’s a must-read! bit.ly/3WhO8uS

Another example of Google Ads being used to deliver malware, this time for fake apps for ChatGPT and Midjourney that instead download info stealer software. Both AI tools have no app - ChatGPT uses a web interface and Midjourney uses Discord. bit.ly/3IqNSE6

The Philadelphia Inquirer newspaper experienced a cyberattack last week that prevented the Sunday print edition from being printed and slowed its online news site. The FBI has an active investigation ongoing into the extent and target of the attack. bit.ly/41Dm8TJ

30% of companies hit with ransomware have less than 100 employees. That kind of cyber-attack can crush a small business, so NIST has launched the Small Business Cybersecurity Community of Interest (COI) to help meet the security needs of small businesses. bit.ly/3MAgA6P

A new Ponemon Institute report shows that organizational cybersecurity training programs are increasing. 53% of companies include training as part of onboarding, up 12% from 2020. Training substantially improves a company’s overall security posture. bit.ly/3OCiQ08

How does a country deal with threats to aviation? The U.S. government has a framework to address the most pressing security and business continuity issues that face aviation and our latest white paper reviews the national approach to aviation safety. bit.ly/3MZ42aM

Which country has the best cybersecurity skills? The smallest nation is also the most cyber-literate: Vatican City. The research was meant to rank citizen’s understanding of cybersecurity and the ability to recognize online threats. The U.S. ranked 21st. bit.ly/45Gpl8e

A new study says the risk of a cyber-attack is keeping 51% of CEOs awake at night. More startling is only 21% consider themselves responsible for their organization’s cybersecurity. We believe everyone is responsible for an organization’s cybersecurity. bit.ly/3qmWmGj

CEO Andy Jones was a speaker at Northern Ohio HIMSS 2023 Spring Conference last week and shared his thoughts on cybersecurity trends and a practical approach to achieving cyber resiliency. Wherever your healthcare organization is on its journey to cyber resilience, we can help!

The 2023 Verizon Data Breach Investigations Report is out and key findings are that ransomware events held steady at 24% of all security breaches last year and 74% of all breaches included the human element. If you’re interested, check out the report. vz.to/46bKdVl

The NSA, CISA, and FBI issued a joint cybersecurity advisory to highlight a state-sponsored cyber actor known as Volt Typhoon that uses living off the land tactics, which our director of incident response explains in a recent post. Give it a read! bit.ly/3WhO8uS

Last week we mentioned the new 2023 Verizon Data Breach Investigations Report, and this is a great summary of its top 10 takeaways. The threat landscape is always changing, and we’re always focused on securing our clients’ futures! bit.ly/3Xc2NZ9

Cyber criminals are using ChatGPT to write grammatically correct BEC and phishing emails which makes it more difficult to identify and catch them. It proves once again that people are the first and last line of defense when it comes to cybersecurity. bit.ly/43Fn3oy