This article originally appeared in Direct iT's new magazine, New England Cyber Defender, which you can read for free here.
With Direct iT’s mission of “delivering enterprise IT management solutions and making them accessible and affordable for small and medium businesses,” my goal by starting this magazine after being in business for 19 years is to educate small to medium-sized business clients in the area of cybersecurity in a way that leaves out technobabble.
Recently, security solutions company Pradeo made a shocking discovery regarding two file management applications on the Google Play Store. These apps, with over 1.5 million installations, have been found to be malicious and pose a serious threat to the data security of those who have downloaded them.
Hackers recently exploited a zero-day vulnerability, or a previously unknown security flaw, to steal sensitive data from systems that utilize MOVEit Transfer, a popular file transfer software. In early June, the software’s creators, Burlington, Massachusetts-based Progress Software Corp, disclosed the vulnerability to the public, acknowledging the potential risks involved.
WalletHub, a financial website, recently unveiled its latest report, "2023's Best & Worst State Economies," and Massachusetts has reason to celebrate. The Bay State secured an impressive third place in the rankings, with only Washington and Utah surpassing it.
In April, Direct iT President and CEO David Javaheri flew out to a cybersecurity conference to present on the same stage as business luminaries Daymond John, Robert Herjavec, and Kevin O’Leary.
Javaheri believes that small businesses are being targeted by threat actors more frequently than ever before.
The United States DOJ announced last month that they have seized 13 domains associated with DDoS-for-hire services per court order.
A DDoS-for-hire is a service or platform that allows individuals to launch Distributed Denial of Service (DDoS) attacks on target websites or online services in exchange for a fee.
A breach of the US Department of Transportation's TRANServe program, which offers transportation-related benefits and services to help federal employees commute to and from work, has impacted 114,000 current and 123,000 former federal employees.
According to Reuters, the USDOT found that the breach was isolated to "certain systems at the department used for administrative functions" such as benefits processing.
The parent of Harvard Pilgrim Health Care and Tufts Health Plan, Point32Health, suffered a major cybersecurity breach and ransomware event in April, according to new information released by the corporation.
According to a statement released by Point32Health, "The investigation identified signs that data was copied and taken from Harvard Pilgrim systems between March 28, 2023, and April 17, 2023. Harvard Pilgrim is taking this incident extremely seriously and deeply regrets any inconvenience this incident may cause.
This piece was first published in Direct iT President and CEO David Javaheri's newsletter, the Good, The Bad, and the Ugly.
On May 1st, I spoke to over 100 attorneys at the 2023 Real Estate Bar Association Spring Conference in a joint presentation with FBI Special Agent Vivian Barrios.
According to NCC Group, an international cyber and software resilience business, March 2023 broke the record for the number of ransomware attacks, with 459 attacks measured. This is a 62% jump from numbers reported in March 2022. Even more concerning is that this is a 91% increase from February 2023.
The Common Vulnerability Exploit CVV-2023-0669 was the main culprit for the skyrocketing number of attacks.