Something Phishy is happening – Phishing Scams on the Rise

Coronavirus-related Phishing Scams and Attacks on the rise Cybercriminals have been taking advantage of the coronavirus outbreak to target people with phishing scams and malware in the guise of information relevant to the disease. These attacks typically take the form of malicious apps, phishing emails, and phony websites. In addition, the US government has been… Read More

PCI Compliance is Vital to the Economic Engine of the World

The Evolving Need for PCI DSS Compliance. The current COVID-19 pandemic has dramatically accelerated a trend that was already on the rise — a move toward many new forms of electronic payment that involve capturing and transmitting credit card data. Businesses have moved online-only transactions during this crisis, and many consumers don’t want to handle… Read More

Dark Data Is Hurting Your Cyber Security

Dark data doesn’t just cost organizations money; it also damages their cybersecurity and compliance postures Server rooms filled with digital files may look neater than the paper file rooms of old, but they’re not necessarily more organized, and “dark data” lurks around every corner. Sixty percent of respondents to a survey by big data software… Read More

SMB Cyber Security Threatened by Human Hacking

A new Ponemon report on SMB cyber security reveals the top challenges and threats facing global small and medium-sized businesses If you think your company is too small to be hacked, think again. According to a new report on SMB cyber security by the Ponemon Institute and Keeper Security, 66% of small and medium-sized businesses… Read More

NIST Proposes Secure Software Development Framework

NIST proposes a Secure Software Development Framework to address software supply chain attacks Applying software updates and patches as soon as possible is a cyber security best practice, but what if an update contains malicious code inserted by a hacker? Software supply chain attacks are a serious and growing problem for both private-sector organizations and… Read More

How to Protect Your Business Website from Formjacking

Formjacking allows hackers to steal payment card data and other information submitted through online forms As individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are… Read More

Hackers Can Use DICOM Bug to Hide Malware in Medical Images

Hackers Can Use DICOM Bug to Hide Malware in Medical Images  DICOM bug enables hackers to insert fully functioning executable code into medical images A newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera… Read More

Arizona Beverages Ransomware Attack Halts Sales for Days

Poor cybersecurity practices complicated recovery from the Arizona Beverages ransomware attack. What appears to have been a targeted ransomware attack knocked over 200 networked computers and servers offline at Arizona Beverages, one of the largest beverage suppliers in the U.S., TechCrunch reports. The attack, which the company was still struggling to recover from two weeks… Read More

Business Email Compromise Attacks Increase by Nearly 500%

Business email compromise attacks are designed to bypass traditional email security measures, such as spam filters. Last year, the FBI reported that incidents of business email compromise (BEC), also known as spear phishing, CEO fraud, and invoice fraud, had been reported in all 50 states and 150 countries, with global losses exceeding $12 billion. BEC… Read More

Kubernetes Security Best Practices to Protect Your Cloud Containers

Seal up your cloud containers with these Kubernetes security best practices. Lightweight cloud containers are fast replacing resource-sucking virtual machines, and Kubernetes is fast becoming the de facto standard for container orchestration. Kubernetes adoption doubled in 2018. Unfortunately, as with any popular technology, it was only a matter of time before hackers discovered a way… Read More

Hybrid Cloud Security Lags Behind Implementation

Hybrid cloud security survey shows that most organizations are implementing hybrid clouds far faster than their security teams can manage them. For many organizations, particularly those in highly regulated industries such as healthcare, hybrid cloud environments offer the best of both worlds. Companies get to enjoy the easy scalability and other benefits of AWS, Microsoft… Read More

Cyber Attack Costs Can Cripple Small and Medium Sized Businesses

Think your company “can’t afford” cyber security? How much will a cyber attack cost? Cost is arguably the biggest impediment to robust, proactive cyber security at small and medium sized businesses (SMBs). SMBs are aware of the need to secure their systems and data, but when presented with a solution, the costs may give them… Read More

What Is Ransomware-as-a-Service? Understanding RaaS

Ransomware-as-a-service lowers the bar for entering the entering the cyber extortion game Ransomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the… Read More

Browser Extensions Can Pose Significant Cyber Security Threats

Malicious browser extensions can steal credentials, cryptocurrency, and more From blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security – usually for free. However, browser extensions need a wealth of access permissions to operate, including… Read More

Are You Protected Against the 5 Top Healthcare Cyber Threats?

The 5 top healthcare cyber threats, according to the U.S. Department of Health & Human Services’ new guide The financial impact of healthcare cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per… Read More

Chinese Hackers Pose a Serious Threat to Military Contractors

Chinese hackers have successfully breached contractors for the U.S. Navy, according to WSJ report. The years-long Marriott Starwood database breach was almost certainly the work of nation-state hackers sponsored by China, likely as part of a larger campaign by Chinese hackers to breach health insurers and government security clearance files, The New York Times reports.… Read More

The Top Cyber Security Threats Facing Enterprises in 2019

The top cyber security threats your organization may encounter in 2019  The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the… Read More

NIST Issues Guidance for Medical IoT Device Security

As the popularity of medical IoT devices grows, so do security vulnerabilities. There are more connected devices than there are humans on Earth. Organizations have been as quick to embrace the Internet of Things as consumers have, and the healthcare industry is no exception. Medical IoT devices have exploded in popularity and grown in complexity.… Read More

Penetration Tests vs. Vulnerability Scans: Understanding the Differences

Penetration tests and vulnerability scans are related but different cyber security services The difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the… Read More

Cyber Security Lesson Brief from the Under Armour Breach

The Under Armour breach provides lessons in the do’s and don’ts of enterprise cyber security and compliance with the EU GDPR Last week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach… Read More

Tax Phishing Scams Are Back: Here Are 3 to Watch Out For

This Year’s Crop of Tax Phishing Scams Target Individuals, Employers, and Tax Preparers Tax season is stressful enough without having to worry about becoming the victim of a cyber crime. Here are three different tax phishing scams targeting employers, individuals, and even tax preparers that are currently making the rounds. Employers: W-2 Phishing Emails The… Read More

Employees Are Biggest Threat to Healthcare Data Security

Two new reports illustrate the threat of employee carelessness and maliciousness to healthcare data security Healthcare data security is under attack from the inside. While insider threats – due to employee error, carelessness, or malicious intent – are a problem in every industry, they are a particular pox on healthcare data security. Two recent reports… Read More