Be Prepared for these New and Emerging Ransomware Threats Ransomware threats are everywhere, and the problem is going to get much worse before it gets any better. According to a recent survey, about half of all businesses have experienced a ransomware attack at least once in the last 12 months, and a staggering 85% had… Read More
Internet-connected smart toys, a popular holiday gift item, have vulnerabilities that put both children and parents at risk of data breaches and identity theft. Smart toys, which connect to the internet and offer children a personalized, interactive play experience, were a very popular gift item this past holiday season. However, the interactive features of smart… Read More
Both brick-and-mortar and ecommerce retail stores make attractive targets for hackers, especially during the holidays. The 2016 holiday shopping season is in full swing, and fortunately for retail stores, consumers are not hesitating to reach for their wallets: Cyber Monday sales hit a record of $3.39 billion, surpassing estimates, and Thanksgiving and Black Friday receipts… Read More
In a new report, UC Berkeley’s Center for Long-Term Cybersecurity offers suggestions to President Elect Trump Now that the election is over, the nation’s attention has turned to President Elect Donald Trump and what a Trump Administration will mean for cyber security. Notably, information security was the only tech-related topic Trump addressed directly on his… Read More
The recent Mirai botnet DDoS attacks were the largest on record – and they were likely masterminded by teenagers. In October, a massive DDoS attack on the Dyn DNS “Managed DNS” infrastructure brought down a number of major websites, including PayPal, Twitter, Amazon, Netflix, and Spotify. The attack was accomplished through the use of the… Read More
Cyber Security Due Diligence Has Become a Fundamental Part of M&A Transactions Data breaches and a failure to comply with governmental and industry standards can impact a company in many ways, as Yahoo is finding out the hard way. The company’s recent disclosure of a massive data breach, which resulted in 500 million user accounts… Read More
For Years, Yahoo Put Usability Ahead of Cybersecurity The massive Yahoo data breach, which compromised 500 million user accounts and has put its planned acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times reports: Six years ago, Yahoo’s computer systems and customer email… Read More
In a heated political climate, even the appearance of vote hacking could threaten our nation’s democracy. The most contentious issue this election season may not be immigration or minimum wage laws but cybersecurity; specifically, the specter of vote hacking. Shortly after the discovery that the Democratic National Convention’s email server had been hacked came news… Read More
How quickly self-driving cars roll out is dependent on the industry addressing some very serious IoT cyber security issues. Now that Uber has commenced a pilot test of driverless vehicles in Pittsburgh, and competitor Lyft has predicted that most of its cars will be driverless by 2021, self-driving cars are what everyone is talking about.… Read More
The NSA Hack Proves that Much More Needs to Be Done to Protect Enterprise Data In the hit USA Network series Mr. Robot, a rogue group of hacktivists target major corporations and the government. In a recent episode, the group enlisted the help of a malicious insider to hack the FBI. Sound far-fetched? Maybe not:… Read More
PCI DSS compliance is serious business for anyone who processes or accepts major payment cards. Retailers or payment processors who are found to be in violation of PCI DSS can be fined millions of dollars, and they may even be stripped of their ability to accept major credit cards. However, PCI DSS compliance standards are… Read More
Doping allegations, illegal gambling, and other attempts to game the system and give a player or a team an edge have long plagued the professional sports world. Now, the cheating has gone cyber. Chris Correa, a former executive with the Saint Louis Cardinals MLB team, has been sentenced to nearly four years in prison for… Read More
It sounds like the plot of a James Bond movie: A band of international bank robbers have made off with nearly $100 million, and bank executives are biting their nails as the thieves remain at large. But these heists happened in real life, and the thieves never actually set foot inside a bank. They used… Read More
Wendy’s Data Breach: Forget the beef, where’s the data security? The Wendy’s data security breach, news of which first broke in January, is much worse than the fast-food company originally thought. Wendy’s first reported that the POS system breach impacted only about 5% — or approximately 300 – of its franchise-owned restaurants. However, after allegations… Read More
When contracting with a service provider, such as a data center, it is important for companies to ensure that their provider possesses the cyber security-related certifications and compliance standards that are applicable to the company’s industry. Data centers, as well as service providers who contract with data centers, sometimes claim to be “SSAE 16” certified.… Read More
POS Data Security? The next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising… Read More
Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken… Read More
In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cybersecurity threat – and healthcare cybersecurity in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees, ransomware attacks… Read More
Continuum GRC unveils the next generation of cybercrime prevention for organizations with NIST and SEC, NFA compliance requirements in concert with the Cybersecurity Act of 2015. Continuum GRC released the next generation antidote to fight cyber crime, compliance failures, corporate fraud, and criminal cyber-misconduct with the IT Audit Machine (ITAM IT audit software. Considered to… Read More
In a previous blog, we provided a primer on HIPAA compliance and discussed the importance of complying with this complex federal law, which is geared toward protecting patients’ private health information (PHI). While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA, a new threat has emerged and is poised to become much… Read More
Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More
Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More
Cyber Forensics Protect the Innocent It is always rewarding when cybersecurity and cyber forensics protect the innocent. Monique Vivien Macias of KPNX 12 News Phoenix discusses with Lazarus Alliance and Continuum GRC’s CEO Michael Peters how cyber forensics has become such a vital resource in law enforcement’s toolkit. Christopher Thomas McKenna, the former Chaparral High School teacher… Read More
Still doing security audit and compliance assessments the same old way? The definition of insanity is doing something over and over again and expecting a different result. Data breaches are occurring at an alarming and escalating rate despite the traditional assessment methodology and tools. It’s time to shake up and wake up the cybersecurity industry… Read More