Tag Archive for: association

[Webinar] 5 Reasons Why Your eDiscovery Process Should Integrate Forensics Methods – May 4th, 1:00 pm – 2:00 pm EDT | Association of Certified E-Discovery Specialists (ACEDS)

/in


Dr. Gavin Manes

Dr. Gavin Manes
CEO
Avansic

Dr. Gavin Manes is a nationally recognized eDiscovery and digital forensics expert. He founded Avansic in 2004 after completing his Doctorate in Computer Science from the University of Tulsa. At Avansic, Dr. Manes is committed to high-technology innovation, research, and mentorship, and has several patents pending. Avansic’s scientific approach to eDiscovery and digital forensics stems from his academic experience.

Dr. Manes routinely serves as an expert witness including consulting with attorneys on data preservation issues. He contributes academic content to peer-reviewed journals and delivers classroom lectures. See his full CV at gavinmanes.com.

Dr. Manes has published over fifty papers on eDiscovery, digital forensics, and computer security, countless blog posts, and educational presentations to attorneys, executives, professors, law enforcement, and professional groups on topics from eDiscovery to cyber law. He’s briefed the White House, the Department of the Interior, the National Security Council, and the Pentagon on computer security and forensics issues.

At the University, Dr. Manes formed the Tulsa Digital Forensics Center, housing Cyber Crime Units from local, state, and federal law enforcement agencies. He’s a founder of the University of Tulsa’s Institute for Information Security, leading the creation of nationally recognized research efforts in digital forensics and telecommunications security.

Craig Ball

Craig Ball
Adjunct Professor, Electronic Discovery and Digital Evidence
University of Texas School of Law

Craig Ball is a trial lawyer, computer forensic examiner, law professor and noted authority on electronic evidence. He limits his practice to serving as a court-appointed special master and consultant in computer forensics and electronic discovery and has served as the Special Master or testifying expert in computer forensics and electronic discovery in some of the most challenging and celebrated cases in the U.S. A founder of the Georgetown University Law Center E-Discovery Training Academy, Craig serves on the Academy’s faculty and teaches Electronic Discovery and Digital Evidence…

Source…

Report on Patient Privacy Volume 22, Number 2. Privacy Briefs: February 2022 | Health Care Compliance Association (HCCA)

/in


◆ Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations, federal agencies warned. Russia would consider conducting a cyberattack on the U.S. homeland if Moscow perceived that a U.S. or NATO response to a potential Russian invasion of Ukraine threatened Russia’s long-term national security, according to a Department of Homeland Security intelligence bulletin obtained by CNN.[1] 1 The Cybersecurity & Infrastructure Security Agency (CISA), FBI and the National Security Agency have urged organizations to be prepared with cyber incident response, resilience, and continuity of operations plans so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline. The three agencies also urged organizations to enhance their cyber posture by following best practices, and to increase organizational vigilance by staying current on threat reporting.[2] John Riggi, national advisor for cybersecurity and risk at the American Hospital Association, warned that hospitals and health systems could be targeted directly, or could become “incidental victims or collateral damage of Russian-deployed malware or destructive ransomware that inadvertently penetrates U.S. health care.” Riggi noted that “a cyberattack could disrupt a mission-critical service provider to hospitals,” and added that “this is a good reminder for all to have robust downtime procedures, redundancy and business continuity plans to sustain a loss of on-premises or cloud-based mission-critical services or technology for up to four to six weeks.”[3]

◆ CISA also advised U.S. critical infrastructure organizations to review a Microsoft blog on malware identified in Ukraine and take action to strengthen their networks against potential cyberattacks.[4] The Microsoft Threat Intelligence Center reported evidence of destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government.[5] The malware is disguised as ransomware, but if activated by the attacker, it would render the…

Source…

Republican Governors Association email servers breached by hackers

/in


Looking into the incident for Digital Journal is James Carder, Chief Security Officer at LogRhythm.

Carder recounts that the issue that afflicted Microsoft has never fully gone away: “We continue to see the effects of the Microsoft Exchange zero-day attack more than six months after news broke of the extensive hacking campaign, including additional vulnerabilities and breaches that followed the March attacks.”

This opens up bigger implications for the control of information technology systems. Carder is forthright when he says: “This serves as a reminder that our government and organizations that support elected officials continue to be highly sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged and the often-inferior defenses that allow easy exploitation.”

He adds that we must expect attacks to continue in earnest, finding: “Criminal organizations and nation state threat actors continue to ramp up attacks on our government and critical infrastructure entities like we have seen many times this year already.”

There are lessons from the latest attack that needed to be considered by the most vulnerable organizations. Carder recommends: “Government entities and organizations need to recognize that the possibility of a cyberattack is only increasing with time and they must take pivotal steps to successfully prepare for attacks.”

He adds that: “To prepare, organizations must patch aggressively, limit privileged access, create backups, prepare a response plan and prioritize educational training. As with anything in life, it’s about how you can respond to these attacks and that’s not something organizations want to do without practice and a plan.”

Read more: https://www.digitaljournal.com/tech-science/republican-governors-association-email-server-breached-by-hackers/article#ixzz77tOuuGLj

The post Republican Governors Association email servers breached by hackers appeared first on LogRhythm.

*** This is a Security Bloggers Network syndicated blog from LogRhythm authored by Mandy Schnirel. Read the original post at:

Source…

Republican Governors Association email server breached by state hackers

/in


Republican Governors Association email server breached by state hackers

The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021.

RGA is a US political organization and a tax-exempt 527 group that provides Republican candidates with the campaign resources needed to get elected as governors across the country.

SSNs and payment information exposed

Following an investigation started after March 10, “RGA determined that the threat actors accessed a small portion of RGA’s email environment between February 2021 and March 2021, and that personal information may have been accessible to the threat actor(s) as a result.”

Even though the RGA said that, at first, it wasn’t able to discover if any personal information was impacted, a subsequent “thorough data mining effort to identify potentially impacted individuals” revealed that names, Social Security numbers, and payment card information were exposed in the attack.

RGA discovered that individuals affected by this data breach had their personal information exposed on June 24 and completed its “data mining” efforts on September 1.

“Once potentially impacted individuals were identified, RGA worked to identify addresses and engage a vendor to provide call center, notification, and credit monitoring services,” RGA told impacted individuals in a breach letter sent on September 15.

“RGA is also offering you two (2) years of complimentary credit monitoring and identity restoration services with Experian. RGA has also notified the Federal Bureau of Investigation, certain state regulators, and the consumer reporting agencies of this incident as required.”

A Republican Governors Association spokesperson was not available for comment when contacted by BleepingComputer earlier today.

Abused for data theft, to deploy ransomware and cryptominers

The massive scale hacking campaign RGA refers to in its data breach notification letter targeted more than a quarter of a million Microsoft Exchange servers, owned by tens of thousands of organizations around the world.

The attackers exploited four zero-days (collectively known as

Source…