Soldier and dog

Patients’ PTSD Details Leaked After Law Firms Hacked

Law firms appear to be the latest black hat hacking trend. No less than FIVE law firms have been breached by cybercriminal group, Maze, in the last four months, and the results have been devastating.  Not only have these criminals STOLEN data, but they’ve also released extremely sensitive protected health information (PHI) from veterans’ pain diaries in connection with personal …

Columbus County School Still Not Whole After October Cyberattack

The Columbus County school system, which was taken offline after a cybersecurity attack last October, is STILL feeling the effects today, even though progress is being made. Last night, school officials updated the county commissioners at a meeting on their current situation.  The National Guard has been helping and while some of their equipment has been recovered, the school district …

Hundred dollar bills

Is CMMC Going to Cost My Business a Small Fortune?

One of the most frequent questions I hear from clients about the new Cybersecurity Maturity Model Certification, after a few choice words, is “How much is this going to cost me?” It’s a great question, and one I can’t fully answer because, unfortunately, they haven’t even rolled out the auditor program yet!! That being said, it does appear that the …

Arm wrestling

NHS Cyber Security Strengthened

Healthcare providers in the US aren’t the only ones dealing with increased cyber attacks. A new report shows that while the National Health Service (NHS – the UK’s Government-funded medical and health care services provider) was compromised over 200 times by ransomware attacks from 2014 to 2017, the measures they took to fortify their cyber security since 2017 has really …

Hand over money

Is Your Data Being Sold to Marketers by Your Antivirus Software Company?

“Nothing in life is free.” A lot of people use Avast’s antivirus to protect their computer.  It costs you nothing out of pocket and it’s a pretty effective little cybersecurity tool. Sound to good to be true right? That’s because it is. Did you know that, by default, Avast not only collects your browser activity, but it also sells it …

United Nations

United Nations Hack and Cover-Up

Not only has it been leaked that the UN was hacked, but there’s also evidence suggesting they tried to cover it up. What We Know According to a confidential internal document that was leaked to The New Humanitarian and shared with the  Associated Press (AP), more than 40 servers in Geneva and Vienna were compromised.  This includes the UN’s human …

looking out rainy window

Hackers Have Started Ransoming Patient Data… to the Patients

As if having your medical data compromised wasn’t bad enough… Now your medical secrets are being held hostage! It’s a breezy but sunny afternoon.  You’re going about your day, minding your own business when you receive a random text message from an unknown number saying that they have personal medical information about you that they will release, unless you pay up… …

Equifax

Was Your Data Compromised by Equifax? Better Act Fast!

Two billion dollars sure does sound like a lot of money for a class action lawsuit, but when you are a major credit reporting agency whose negligence compromised over 147 million people’s personal information? It’s really not.  Click here to file a claim free, online, if you were a potential victim of the massive Equifax breach. After months of dragged-out …

Authenticate Your Google Account With Your iPhone

Among all the security features available today, two-factor authentication (2FA) is by far one of the most important, and apparently, Google is aware of that!  In their most recent iOS “Smart Lock” app update, they included a feature that will allow you to use your iPhone as a physical 2FA device.  After you set it up in Chrome, when someone …

Microsoft

Microsoft’s Comprehensive End of Support List for 2020

I know you are all aware of what I’m about to tell you, but just in case you momentarily forgot, I’m going to refresh your memory… Every year, Microsoft stops supporting select versions of its software.  What this means is that they discontinue any sort of security updates or patches.   What does this mean for YOU? It means that if …

Just How Not “HIPAA Mandatory” Is Encryption?

In case you were ever wondering if your practice needs to encrypt its ePHI? Let the $3 million HIPAA penalty paid last month by the University of Rochester Medical Center (URMC), one of the largest medical systems in NY State, serve as a warning. The Department of Health and Human Services’ Office for Civil Rights (OCR) received breach reports in …

FBI Warns Business Owners: Beware of Increasing Maze Attacks

Directly on the heels of LockerGoga and MegaCortex, a different strand of ransomware, Maze, which was first discovered nearly a year ago, started to target private companies in the US in November, and the FBI wants to make sure you know about it. Just two days after issuing an alert for LockerGoga and MegaCortex, the FBI has issued a “TLP: …

Twitter Vulnerability Exposed in a Big Way

Ibrahim Balic, a security researcher, recently exposed a flaw in Twitter’s app that allowed to match unique Twitter user accounts with 17 million phone numbers months ago.  He was able to accomplish this by uploading large lists of phone numbers by way of Twitter’s “Contacts Upload” feature that is available on the social media giant’s Android app. It is interesting …

Ransomware Attack Shuts Down New Orleans

It seems like something that only happens in movies and TV shows: It’s Friday the 13th.  You, your colleagues, your entire department, the entire city, in fact, receives the same command to power down their computers immediately and disconnect all devices from the network. But this wasn’t a movie and it wasn’t a TV show… This actually happened to the …

Sentara Doubled Down When They Should Have Folded

“Eight is Enough” A great, wholesome, family show from the late 70’s and early 80’s.  Also: what Sentara Hospital, with over 300 facilities across the states of North Carolina and Virginia, is telling the Department of Health and Human Services’ Office for Civil Rights (OCR) after being on the receiving end last month of this year’s (2019) 8th HIPAA financial …

Russian Hackers Hold Nursing Home Patients’ Data Ransom for $14M

There is a reason hackers have started targeting hospitals and medical practices.  Not only is their cyber security known to be woefully lacking (despite the best efforts of the U.S. Department of Health and Human Services [HHS] and HIPAA regulations), but the electric Patient Health Information (ePHI) can literally be life and death.  Meaning?  The healthcare industry has no choice …

Cyborg Ransomware Delivers Via Fake ‘Windows Update’ Email

Researchers at Trustwave recently discovered a malicious spam campaign.  The email comes as an executable file via email with a tell-tale two sentence subject line that reads “Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!” There is only one sentence to the actual email itself. Disguised as a .jpg, the file really contains both the ransomware and its …

Looting Adds Insult to Injury for Durham Clinic

Looters broke into a Durham health clinic sometime after the downtown gas explosion on April 10th that affected over 20 businesses, injured 25 people, and caused the death of two people. The subsequent theft of clinic property has prompted the clinic to notify patients that their information, including diagnoses and treatment information may have been compromised. The clinic suffered significant …