Resources

December 6, 2019
7 steps to pass, or better yet avoid, an OCR security audit

The U.S. Department Health and Human Services’ Office for Civil Rights is responsible for auditing and enforcing compliance with the HIPAA security and privacy regulations, as well as the additional rules and clarifications contained in HITECH. OCR enforces privacy and security rules through...

December 6, 2019
Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again - research

By Shaun Nichols in San Francisco The Register 5 Dec 2019 An Iran-based hacking crew long known to target energy facilities in neighboring Middle Eastern countries is believed to be launching new attacks. The team at IBM's X-Force said an actively spreading malware package dubbed ZeroClea...

December 6, 2019
Kingpin of Evil Corp lived large. Now there's a $5 million bounty on his head

By Dan Goodin Ars Technica 12/5/2019 Federal prosecutors have indicted the kingpin of Evil Corp, the name used by a cybercrime gang that used the notorious Dridex malware to drain more than $70 million from bank accounts in the US, UK, and other countries. Maksim V. Yakubets, a 32-year-old Rus...

December 6, 2019
Pune: Hackers bugged e-banking facility, broke security code

The Times of India December 5, 2019 PUNE: The prominent jewellery firm, whose 12 bank accounts were hacked in November this year, used to operate the accounts with the help of the bank app. Police said the fraudsters siphoned off the money by hacking the app and changing the password. “The ...

December 6, 2019
A Practical Guide to Next Steps of the Pentagon's Vendor Cyber Certification Program

By Bret C. Cohen CEO, Tier 1 Cyber December 5, 2019 With the release of the Defense Department’s Cybersecurity Maturity Model Certification 0.6, there are new guidelines that will require defense contractors to act now to prepare. Instead of a technical summary of the 90-page guidance, here are...

December 6, 2019
Small Contractors Struggle to Meet Cyber Security Standards, Pentagon Finds

By Marcus Weisgerber Defense One December 2, 2019 Even large companies aren’t doing as well as they think they are, the assistant acquisition chief said Monday. Small companies are struggling to meet the Pentagon’s newish network security rules, and even larger contractors aren’t doing a...

December 6, 2019
In Weekend Outage, Diabetes Monitors Fail to Send Crucial Alerts

By Anahad O’Connor The New York Times December 2, 2019 For many parents of children with diabetes, the Dexcom G6 continuous glucose monitor is a lifesaver. The device tracks their children’s glucose levels and sends them an alert when their blood sugar climbs too high or falls too low, all...

December 6, 2019
Ex-CTA employee reported a security glitch, then he was fired, lawsuit alleges

By Mary Wisniewski Chicago Tribune December 4, 2019 A former CTA computer programmer has sued the agency, alleging that he was forced to resign for pointing out a security flaw in the bus alert system. Christopher George Pable, 34, of the Austin neighborhood, filed a whistleblower complaint ag...

December 6, 2019
Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter

By Thomas Claburn in San Francisco The Register 5 Dec 2019 Updated Twitter security celeb SwiftOnSecurity on Tuesday inadvertently disclosed a zero-day vulnerability affecting enterprise software biz Atlassian, a flaw that may be echoed in IBM's Aspera software. The SwiftOnSecurity Twitte...

December 6, 2019
Merck Cyberattack's $1.3 Billion Question: Was It an Act of War?

By David Voreacos, Katherine Chiglinsky, and Riley Griffin Bloomberg Markets December 2, 2019 By the time Deb Dellapena arrived for work at Merck & Co.’s 90-acre campus north of Philadelphia, there was a handwritten sign on the door: The computers are down. It was worse than it seemed. Som...

November 27, 2019
Hackers hold Milwaukee-based tech company's data for ransom; nursing homes affected

By Sophie Carson Milwaukee Journal Sentinel Nov. 23, 2019 Russian hackers are holding hostage data from a Milwaukee-based company that provides technology services to more than 100 nursing homes across the country after the company couldn't afford a $14 million ransom demand. The hack aga...

November 27, 2019
In just three months, Google sent 12k warnings about government-backed attacks

Google sent more than 12,000 security warnings to users in 149 countries about email attacks coming from a government-backed hacking group. The number only includes alerts sent between July and September 2019, Google said in a blog post today authored by Shane Huntley, a member......

November 27, 2019
Auditors Uncover Tens of Thousands of Critical Security Gaps At Energy Facilities

The Energy Department continues to botch the same cybersecurity practices year after year, leaving unclassified systems in the nation’s nuclear facilities and other critical infrastructure exposed to digital attacks, according to a federal watchdog. In......

November 27, 2019
Senior DHS cyber official to step down

By Maggie Miller The Hill 11/21/19 Jeanette Manfra, a top official within the Department of Homeland Security’s (DHS) cyber agency, announced Thursday that she will leave her position at the end of the year. Manfra, who serves as the assistant director for Cybersecurity and Communications w...

November 27, 2019
Windows 7 end-of-life is coming. How much should you worry?

Every few years, Microsoft causes some panic across industry sectors by announcing the end-of-life of one of its older Windows operating systems. In this case, Windows 7 is going “end of life” on Jan. 14, meaning Microsoft will no longer be regularly updating the system with fixes when a secu...

January 17, 2020
Mobile Banking Malware Up 50% in First Half of 2019

A new report from Check Point recaps the cybercrime trends, statistics, and vulnerabilities that defined the security landscape in 2019....

January 17, 2020
FBI Seizes Domain That Sold Info Stolen in Data Breaches

The website, WeLeakData.com, claimed to have more than 12 billion records gathered from over 10,000 breaches....

January 17, 2020
7 Ways to Get the Most Out of a Penetration Test

You'll get the best results when you're clear on what you want to accomplish from a pen test....

January 17, 2020
ADP Users Hit with Phishing Scam Ahead of Tax Season

Fraudulent emails tell recipients their W-2 forms are ready and prompt them to click malicious links....

January 17, 2020
Massive Oracle Patch Reverses Company's Trend Toward Fewer Flaws

Following a year that saw the fewest number of vulnerabilities reported since 2015, Oracle's latest quarterly patch fixes nearly 200 new vulnerabilities....

January 16, 2020
With International Tensions Flaring, Cyber-Risk Is Heating Up for All Businesses

Risks of nation-state attacks go beyond Iran, and the need for awareness and security don't stop at any national border....

January 16, 2020
New Attack Campaigns Suggest Emotet Threat Is Far From Over

Malware described by the DHS as among the worst ever continues to evolve and grow, researchers from Cisco Talos, Cofense, and Check Point Software say....

January 16, 2020
Phishing Today, Deepfakes Tomorrow: Training Employees to Spot This Emerging Threat

Cybercriminals are evolving their tactics, and the security community anticipates voice and video fraud to play a role in one of the next big data breaches -- so start protecting your business now....

January 16, 2020
CISO Resigns From Pete Buttigieg Presidential Campaign

The only Democratic campaign known to have a CISO loses Mick Baccio due to a "fundamental philosophical difference with campaign management."...

January 16, 2020
NY Fed Reveals Implications of Cyberattack on US Financial System

A "pre-mortem analysis" sheds light on the potential destruction of a cyberattack against major US banks....

January 16, 2020
Active Directory Needs an Update: Here's Why

AD is still the single point of authentication for most companies that use Windows. But it has some shortcomings that should be addressed....

January 15, 2020
2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week from today to file a claim....

January 15, 2020
Google Lets iPhone Users Turn Device into Security Key

The iPhone can now be used in lieu of a physical security key as a means of protecting Google accounts....

January 15, 2020
Why Firewalls Aren't Going Anywhere

Written off multiple times as obsolete, firewalls continue to elude demise by adding features and ensuring that VPNs keep humming....

January 15, 2020
New Report Spotlights Changes in Phishing Techniques

Common and evolving strategies include the use of zero-font attacks, homograph attacks, and new tactics for fake attachments....

January 15, 2020
How to Comprehend the Buzz About Honeypots

Honeypots are crucial tools for security researchers and security teams. Understanding what they are and what they can do can be critical for making them safe and useful for your organization....

January 15, 2020
ISACs Join Forces to Secure the Travel Industry

Together, the Travel & Hospitality ISAC and the Retail & Hospitality ISAC intend to improve communications and collaboration about the evolving threat landscape....

January 15, 2020
How SD-WAN Helps Achieve Data Security and Threat Protection

Enterprises currently consider the technology a best practice because of its flexibility, scalability, performance, and agility. ...

January 14, 2020
Microsoft Patches Windows Vuln Discovered by the NSA

The National Security Agency is publicly acknowledged for its finding and reporting of CVE-2020-0601, marking the start of what it says is a new approach to security. ...

January 14, 2020
Cloud Adoption & Technology Change Create Gaps in Enterprise Security

Many companies are struggling to get a handle on risk exposure because of visibility issues, Radware survey shows....

Discover how Cloudburst Security can support you.

CONTACT US