Crain Currency Logo

CRAIN CURRENCY: Essential steps for protection in aftermath of recent data breaches

/in /by

Family offices have recently been caught up in at least two major data breaches — involving Corewell Health, a major health care provider in Michigan, and the Real Estate Wealth Network — potentially exposing some of their most private information to hackers and criminals. Since the breaches involve a third party, family offices are left with few options except to harden their cybersecurity procedures and keep an eye out for suspicious activity, security experts say.

At the end of last year, cybersecurity breaches at both a health management platform and a software company contracted by Corewell affected in total more than 2 million residents of Michigan. The data revealed included name, address, date of birth, medical information such as diagnosis and mental/physical condition, prescription information, as well as insurance and billing information.

And of late December, it was revealed that 1.5 billion records containing information on property owners, sellers, investors and internal logging data were leaked in a data breach of the Real Estate Wealth Network. Among those affected were a slew of wealth investors such as Elon Musk and celebrities such as Kylie Jenner and Dave Chappelle.

 

Read the full article here: https://www.craincurrency.com/family-office-management/essential-steps-protection-aftermath-recent-data-breaches

CNBC

CNBC: CRYPTO WORLD New details emerge about SEC’s X account hack, including SIM swap

/in /by

The U.S. Securities and Exchange Commission said on Monday that a SIM swap attack was to blame for the breach of its official account on X, formerly known as Twitter, earlier this month.

On Jan. 9, an unauthorized party gained access to the @SECGov account and displayed a fake post claiming the agency had approved the first-ever spot bitcoin exchange-traded funds. The cryptocurrency market moved following the unauthorized post, with bitcoin prices initially shooting up to nearly $48,000 from a low that day of just above $45,000. Then, after the SEC clarified that it had not yet approved the bitcoin ETF, prices fell below $46,000.

 

Read the full article here: https://www.cnbc.com/2024/01/22/new-details-emerge-about-secs-x-account-hack-including-sim-swap.html 

Schwab Network

Schwab Network: The Calamitous Damage Of Cyberattacks

/in /by

We’re seeing that calamitous damage that happens out in the social media space, and that’s what we saw yesterday with the SEC’s official X account being compromised, notes Dr. Chris Pierson. He discusses the importance of cybersecurity measures right now, as well as concerns about government cyberattack incidents. He highlights com cybersecurity stocks including PANW, FTNT, and CRWD. He then goes over cyberattack disclosures and risk management in today’s market, in addition to cybersecurity trends to monitor in 2024. Tune in to find out more about the stock market today.

Watch the full video here (https://schwabnetwork.com/video/the-calamitous-damage-of-cyberattacks) or below.

 

DailyMail.com

Daily Mail: Tech expert reveals how boom in AI has enabled hackers to create sordid real-life scenarios to target victims online - and what you can do to avoid being extorted

/in /by
  • Online hackers are extorting victims out of thousands of dollars by creating sordid scenarios and luring in unsuspecting internet users 
  • In one recent case, Kai Zhuang, 17, was plucked from a Utah mountainside after anonymous scammers convinced him to isolate himself 
  • Once he was alone, kidnappers sent a ransom demand to his parents in China to be paid for his return 
  • The rouse is part of an ongoing series of scams that are exploiting individuals around the world 

 

Read the article here: https://www.dailymail.co.uk/news/article-12924023/virtual-kidnapping-expert-AI-enabled-hackers-online.html

cybernews

Cybernews: ALPHV’s criminal reputation may be “tarnished” irreversibly

/in /by

No matter how deeply the FBI penetrated the ALPHV ransomware gang’s dark web infrastructure, the cartel may struggle to prove to its team of racketeers that it can continue operating.

FBI’s notice of domain seizure on the ALPHV – also known as BlackCat – dark web blog may have been the nudge to send the cybercrime group responsible for a public hack of MGM Casinos tumbling down a proverbial cliff.

 

Read the full article here: https://cybernews.com/news/alphv-blackcat-seizure-reputation-explained/

Information week

Information Week: Clock Starts on SEC Cyberattack Rules: What CISOs Should Know

/in /by

New federal rules will require public companies to disclose cybersecurity incidents as well as material risks from threats. Experts say the rules could be tricky to navigate and leave openings for exploitation by threat actors.

The Security and Exchange Commission’s rules policing disclosure and documentation of cyberattack incidents were adopted in July and started going into effect on December 15. Today, the remaining rules will apply to all public companies.

The rules will require businesses to disclose any cybersecurity incident they determine to be material and to disclose the incident’s scope, nature, and timing along with material impact. The rules also require organizations to describe processes for assessing, identifying, and managing material risks from those threats as well as the board of directors’ and management’s role in assessing and managing risk. The written disclosures must be filed within four business days of the event’s discovery.

A crystal ball with data shimmering inside

DataTribe: Cyber Trends & Predictions for 2024

/in /by

We are honored to meet many phenomenal cybersecurity founding teams throughout the year. In the fall, we hosted the DataTribe Challenge, inviting pre-seed founders to compete for recognition and potentially an investment by DataTribe. As a result of the Challenge, we have a surge in the already large volume of opportunities we review in the fall. This flow of cybersecurity opportunities provides clues as to what founders believe will be a big deal in the coming years. And given that these founders put their time, reputations, and money on the line, it is a pure data signal.

This report explores the top themes we saw this year and throughout the 2023 Challenge. We add to our perspective with forward-looking predictions from members of the DataTribe CISO Network and CEOs of our portfolio companies: all experts, all with different lenses on the vast domain that is cybersecurity.

Undoubtedly, 2023 was the year of AI in cybersecurity (and in everything else). Forty percent of the submissions to the DataTribe Challenge were AI-centered. That’s a massive increase and points toward a future in the next five years where AI-powered defenses will become the mainstream default.

Another interesting observation jumps out from the analysis. One theme that is on the minds of CISOs much more than cyber founders this year is the implications of new SEC rules. The new rules promote cyber risk to the level of other key investment risks that require disclosure. This is a significant development. As you’ll see below, the new SEC rules loom large for CISOs leading into 2024 — potentially changing how CISOs think about their roles. Of course, given the central role of CISOs in the cyber ecosystem, this is worth paying attention to as we look ahead to 2024.

 

Read the article to find out Chris Pierson’s contribution to the article and his prediction for 2024: https://datatribe.com/cyber-trends-predictions-report-2023/

Infosec starts here

README_: AlphV’s bid to report its victim to the SEC could backfire

/in /by

By Cynthia Brumfield

The ransomware group AlphV reported a victim to the SEC for failing to report a cybersecurity incident, placing government regulators in a precarious position and possibly prompting organizations to step up their compliance game and become more transparent.

On Nov. 15, the ransomware threat actor AlphV, also known as BlackCat, added and removed publicly traded financial institution MeridianLink from its leak site. But, in a twist for ransomware attackers, AlphV also reported its victim to the U.S. Securities Exchange Commission (SEC) via an anonymous tip form.

AlphV told the regulator that MeridianLink failed to report a cybersecurity incident within four days, as required under new SEC rules that don’t technically go into effect until Dec. 15. AlphV said the incident occurred on Nov. 7, but Meridian Link indicated it happened on Nov. 10. Either way, under the upcoming new rules, publicly traded companies such as MeridianLink must report cybersecurity incidents to the Commission within four business days after they determine the incident is “material.”

 

Read the res of the article here: https://readme.synack.com/alphvs-bid-to-report-its-victim-to-the-sec-could-backfire

IT Brew

IT Brew: How an exec’s digital life offer clues for hovering hackers

/in /by

Some cyberattacks targeting executives begin with a look around social media.

Small pieces of personal life shared publicly on social media can sometimes lead to big breaches, and executives in particular need to be careful about what they post.

Pen testers and ethical hackers told IT Brew that the tiniest bits of online info can lead to system access.

Rachel Tobac, co-founder and CEO of SocialProof Security—whom you might recall from her hacking demo on 60 Minutes—often sees execs leaving a trail of valuable data on Instagram, Twitter, and other social media sites.

Say, an exec posting a LinkedIn photo of a quarterly retreat, with a whiteboard of notes in the background.

Read the full article here: https://www.itbrew.com/stories/2023/12/08/how-an-exec-s-digital-life-offer-clues-for-hunting-hackers

PROTECT YOUR DIGITAL LIFE™
Winner Cybersecurity Excellence Award 2025
Best places to work 2025
BlackCloak Cyber GRX logo
TAG Cyber 2024 Distinguished Vendor
AICPA logo
BlackCloak-Footer-SC Awards 2023@2x
Global-Infosec-Award - Cyber Defense Magazine Winner
CyberTech badge

© 2025. BlackCloak, Inc. All Rights Reserved.

Sitemap