What Is Ransomware-as-a-Service? Understanding RaaS

Ransomware-as-a-service lowers the bar for entering the entering the cyber extortion game Ransomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the… Read More

Chinese Hackers Pose a Serious Threat to Military Contractors

Chinese hackers have successfully breached contractors for the U.S. Navy, according to WSJ report. The years-long Marriott Starwood database breach was almost certainly the work of nation-state hackers sponsored by China, likely as part of a larger campaign by Chinese hackers to breach health insurers and government security clearance files, The New York Times reports.… Read More

The Top Cyber Security Threats Facing Enterprises in 2019

The top cyber security threats your organization may encounter in 2019  The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the… Read More

NIST Issues Guidance for Medical IoT Device Security

As the popularity of medical IoT devices grows, so do security vulnerabilities. There are more connected devices than there are humans on Earth. Organizations have been as quick to embrace the Internet of Things as consumers have, and the healthcare industry is no exception. Medical IoT devices have exploded in popularity and grown in complexity.… Read More

Penetration Tests vs. Vulnerability Scans: Understanding the Differences

Penetration tests and vulnerability scans are related but different cyber security services The difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the… Read More

Cyber Security Lesson Brief from the Under Armour Breach

The Under Armour breach provides lessons in the do’s and don’ts of enterprise cyber security and compliance with the EU GDPR Last week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach… Read More

Tax Phishing Scams Are Back: Here Are 3 to Watch Out For

This Year’s Crop of Tax Phishing Scams Target Individuals, Employers, and Tax Preparers Tax season is stressful enough without having to worry about becoming the victim of a cyber crime. Here are three different tax phishing scams targeting employers, individuals, and even tax preparers that are currently making the rounds. Employers: W-2 Phishing Emails The… Read More

States Worry About Election Hacking as Midterms Approach

Mueller indictments of Russian cyber criminals put election hacking at top of mind State officials expressed grave concerns about election hacking the day after Special Counsel Robert Mueller handed down indictments of 13 Russian nationals on charges of interfering with the 2016 presidential election. The Washington Post reports: At a conference of state secretaries of… Read More

Crypto-Mining Malware May Be a Bigger Threat than Ransomware

Crypto-Mining Malware is Crippling Enterprise Networks Cryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICO’s and cryptocurrency exchanges, they’re using… Read More

CUTV News Radio spotlights Michael Peters of Lazarus Alliance

CUTV News Radio spotlights Michael Peters of Lazarus AllianceCUTV News Radio with veteran award-winning broadcast TV and radio hosts/media personalities Jim Masters and Doug Llewelyn is an exciting, informative, entertaining, thought-provoking and empowering broadcast series featuring several LIVE episodes daily and is a service of the Telly-award winning CUTV News, a full service media company… Read More

Post Equifax, New Data Breach Notification Laws are Inevitable

New data breach notification regulations aren’t a matter of if, but when The U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to investors as… Read More

FISMA, FedRAMP, and NIST: Federal Compliance Demystified

FISMA vs. FedRAMP and NIST: Making Sense of Government Compliance Standards FISMA, FedRAMP, NIST, DFARS, CJIS, HIPAA … Government compliance standards can seem like a veritable alphabet soup. Making matters even worse, a lot of them overlap, and many organizations aren’t certain which standards they need to comply with. Even if your organization does not… Read More

Report Finds Arizona Businesses Hit Hard By Malware

A new report by a cybersecurity firm shows Arizona businesses lead the nation in malware detections. Malwarebytes examined data from its client companies with fewer than 1,000 employees. In the first quarter of this year, Malwarebytes found incidents in Arizona increased 1,332 percent compared with the same period a year earlier. “It’s really malicious software that’s been… Read More

It’s Time to Get Serious About Education Cyber Security

Back to School: Education Cyber Security K-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as other industries, as these recent incidents illustrate: In November 2016, Columbia County School District in Georgia admitted to a breach of personal information belonging to its employees and… Read More

Is Cloud Computing Really Secure? A Pragmatic Approach

Is Cloud Computing Really Secure? A Pragmatic Approach Considering Cloud Computing? So, you are making plans to move into cloud computing and are considering your options offered by the plethora of providers out there but you have questions and concerns. Congratulations! The bottom line up front is yes, cloud computing can be very secure. You… Read More

Spear Phishing: Don’t Take the Bait!

Following a string of high-profile incidents that began earlier this year, the healthcare industry has been highly focused on preventing ransomware attacks. IoT security has also emerged as a growing concern. However, healthcare organizations (as well as businesses in other industries) cannot afford to ignore another growing threat: spear phishing. Like regular phishing, spear phishing… Read More

IoT Security: Medical Devices Are the Next Target for Hackers

Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken… Read More

5 Tips for Healthcare Cyber Security

In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cyber security threat – and healthcare cyber security in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees,… Read More