Archive for 2017

Why Signature Based Malware Detection Isn’t Enough Anymore

Monday, August 14th, 2017

We’ve constantly preached that cybercriminals were going to evolve their methods, and the cows have come home. We recently told you about a new type of malware that works around detection by loading itself directly to a computer’s memory instead of as a file, and now we’ve got some more bad news for you. You […]

You Can Now be Sued for Data Breaches

Friday, August 11th, 2017

Have you ever thought about the ramifications of having a data breach compromise the personal data of your clients? In the past you could issue an apology, make a note about beefing up cybersecurity, buy some credit protection for affected people and call it a day. Not anymore. Now you could be facing a lawsuit. […]

Where 60% Of Medical Record Breaches Came from In January 2017

Wednesday, August 9th, 2017

If you’ve kept up with your cybersecurity news, then you know that the medical industry has a long road ahead of itself if that number is going to go down in 2017. For example, did you know that on average there was one health records breach every day in 2016? What about that the month […]

Data Leak from Top 100 US Companies

Wednesday, August 9th, 2017

A report surfaced yesterday that a leading anti-malware product was leaking terabytes of data. Among its clients are some of the top 100 companies in the US. According to the report by DirectDefense, Carbon Black’s Cb Response is leaking all kinds of sensitive data, including usernames/passwords, cloud and app store keys, and various trade secrets. The […]

HBO Hacked

Thursday, August 3rd, 2017

If you haven’t been living with the stone men in Old Valyria, you’ve probably heard of the megahit TV show Game of Thrones, which is HBO’s biggest cash cow right now. (And no, if you aren’t a hardcore viewer of the show, you probably won’t get that joke.) Regardless of where you live, you may […]

Cybersecurity Analyst Hacked

Tuesday, August 1st, 2017

A senior security analyst at a cybersecurity consulting firm appears to have been hacked by a hacker who doesn’t like cybersecurity analysts. The victim is one Adi Perentz, who is a Senior Threat Intelligence Analyst at Mandiant, a cybersecurity consulting firm that was bought by FireEye for a billion dollars a little over three years ago. […]

Why Our “There’s an App for That” Culture Make Your Car Vulnerable to Thieves

Monday, July 31st, 2017

It was the all the rage in 2009, and you probably still hear people say it today. Ever since Apple launched their, “There’s an app for that commercial” people have loved saying it, and they’ve had plenty of opportunities because there’s an app for everything today. Sleep machine apps, apps that show a flame on […]

What a 21st Century Bank Vault Looks Like

Monday, July 24th, 2017

Would you store your money at a bank that only protects your money with some fencing and a padlock? Of course not. There’s a reason banks have their vaults within sight of the front door, because nothing says peace of mind like 2 tons of steel standing between your money and a thief. Unfortunately, the […]

FedEx Enrolls in Cyber School of Hard Knocks

Friday, July 21st, 2017

FedEx has been officially schooled, directly from The School of Hard Knocks, on the importance of cybersecurity. Hopefully they are learning their lesson. Just a few months ago, the delivery giant fell victim to the WannaCry ransomware virus that was being passed around, which was bad enough.  But more recently, they were infected with the […]

Top Five Trends in the Fight against Cyberattacks

Thursday, July 20th, 2017

Ransomware. Total worldwide damages are expected to exceed $5 Billion in 2017 alone.  This is an increase of over 1,500% in two years.  The trend of hitting healthcare organizations does not appear to be going anywhere.  In fact, experts predict that it will have quadrupled by 2020. Hackers target humans. Blackhatters have begun focusing their […]

University Leaves Patient Data Vulnerable for Two Years

Thursday, July 20th, 2017

In another major breach involving healthcare providers’ patient data being exposed on an unsecured site for nearly two years, University of Iowa Health Care reports that in April of this year, they discovered that over 5000 patients’ sensitive information had been posted online, unencrypted, since May 2015, on a site that develops applications. On April […]

$7M Stolen in 3 Seconds with Simple Trick

Thursday, July 20th, 2017

A simple bait-and-switch con lined a hackers’ pockets with over $7 million in stolen currency. CoinDash, an Israeli Ethereum-trading startup group, had a slight glitch in their Initial Coin Offering (ICO).  During the ICO, the company allowed its investors to send tokens to its “smart contact address” in exchange for their new currency, Ethereum.   […]

Malware Finds New US Target

Thursday, July 20th, 2017

NotPetya, malware that was designed to permanently damage hard drives, has impacted companies providing medical transcription services in over 60 countries, and has officially disrupted hospitals in the American Midwest. Nuance Communications, a Burlington, MA-based company that provides voice transcription services for healthcare providers primarily located in the Wisconsin and other Midwest states, announced yesterday […]

Are Cameras being Used Against You?

Wednesday, July 19th, 2017

After discovering a potentially devastating bug in the code they use in their video cameras, a maker of high-end security cameras, Axis Communications, has taken the lead in patching an issue that, if exploited, would allow the hacker to crash or even take remote control of the device. Hopefully others in the industry will follow […]

Why A Gambling Ban in Russia Led to Hacking in America

Tuesday, July 18th, 2017

In 2009, Vladimir Putin shut down the Russian gambling industry. Not through high taxes or constricting regulations, but he actually made gambling illegal in Russia. The entire gambling industry disappeared overnight because of its ties to Georgian criminals who were thought to be running most casinos. But if you haven’t heard about Russia’s gambling ban […]

TideCheck App Used by CIA to Spread Malware

Friday, July 14th, 2017

The CIA created an app called TideCheck that is a secret vehicle for HighRise malware; malware was designed to seize SMS on Android smartphones, according to a report recently released by Wikileaks. The good news is that this version, dated from back in late 2013, only works on Android versions 4.0-4.3.  It must also be […]

Massive Security Holes in Samsung Products

Thursday, July 13th, 2017

A company wanted to pitch their bug finding code to a big Samsung, and what better way to show the value of a product than to run it on Samsung’s software? When Andrew Karpov of Program Verification Systems checked Samsung Tizen, the open-source Linux-based operating system powering a ton of Samsung products, including TVs, mobile […]

14 Million Verizon Records Exposed

Thursday, July 13th, 2017

It’s a cautionary tale of why you should make sure any vendors you use are as tight with their security as you are. (Or tighter.) The data, which included names, phone numbers, and PINs of Verizon customers who had called the mobile provider’s customer support in the last six months was left on an Amazon […]

Is eClinicalWorks Making Improvements after Massive Fine?

Tuesday, July 11th, 2017

After a $155 million fine levied in May by the Department of Justice (DOJ), and with the threat of a class action lawsuit looming, it appears that eClinicalWorks (eCW) may have learned their lesson.  But is it too little, too late? Doug Brown is a managing partner at Black Book, which is a firm that […]

Ransomware Data Breach at Cleveland Medical Associates

Monday, July 10th, 2017

Cleveland Medical Associates was hit with ransomware back in April and has ordered identity protection service for the roughly 22,000 patients whose identities were at risk. “Wait a second,” you might be saying. “They need to order identity protection service because of ransomware?” Possibly. Regulators are starting to classify ransomware as a data breach, particularly […]