Petronella Cybersecurity News

Two billion dollars sure does sound like a lot of money for a class action lawsuit, but when you are a major credit reporting agency whose negligence compromised over 147 million people’s personal information? It’s really not.  Click here to file a claim free, online, if you were a potential victim of the massive Equifax […]

Among all the security features available today, two-factor authentication (2FA) is by far one of the most important, and apparently, Google is aware of that!  In their most recent iOS “Smart Lock” app update, they included a feature that will allow you to use your iPhone as a physical 2FA device.  After you set it […]

I know you are all aware of what I’m about to tell you, but just in case you momentarily forgot, I’m going to refresh your memory… Every year, Microsoft stops supporting select versions of its software.  What this means is that they discontinue any sort of security updates or patches.   What does this mean for […]

In case you were ever wondering if your practice needs to encrypt its ePHI? Let the $3 million HIPAA penalty paid last month by the University of Rochester Medical Center (URMC), one of the largest medical systems in NY State, serve as a warning. The Department of Health and Human Services’ Office for Civil Rights […]

Directly on the heels of LockerGoga and MegaCortex, a different strand of ransomware, Maze, which was first discovered nearly a year ago, started to target private companies in the US in November, and the FBI wants to make sure you know about it. Just two days after issuing an alert for LockerGoga and MegaCortex, the […]

Ibrahim Balic, a security researcher, recently exposed a flaw in Twitter’s app that allowed to match unique Twitter user accounts with 17 million phone numbers months ago.  He was able to accomplish this by uploading large lists of phone numbers by way of Twitter’s “Contacts Upload” feature that is available on the social media giant’s […]

It seems like something that only happens in movies and TV shows: It’s Friday the 13th.  You, your colleagues, your entire department, the entire city, in fact, receives the same command to power down their computers immediately and disconnect all devices from the network. But this wasn’t a movie and it wasn’t a TV show… […]

“Eight is Enough” A great, wholesome, family show from the late 70’s and early 80’s.  Also: what Sentara Hospital, with over 300 facilities across the states of North Carolina and Virginia, is telling the Department of Health and Human Services’ Office for Civil Rights (OCR) after being on the receiving end last month of this […]

There is a reason hackers have started targeting hospitals and medical practices.  Not only is their cyber security known to be woefully lacking (despite the best efforts of the U.S. Department of Health and Human Services [HHS] and HIPAA regulations), but the electric Patient Health Information (ePHI) can literally be life and death.  Meaning?  The […]

Researchers at Trustwave recently discovered a malicious spam campaign.  The email comes as an executable file via email with a tell-tale two sentence subject line that reads “Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!” There is only one sentence to the actual email itself. Disguised as a .jpg, the file really contains […]

Looters broke into a Durham health clinic sometime after the downtown gas explosion on April 10th that affected over 20 businesses, injured 25 people, and caused the death of two people. The subsequent theft of clinic property has prompted the clinic to notify patients that their information, including diagnoses and treatment information may have been […]

PureLocker, an unusual form of ransomware that attacks enterprise servers, has gone undetected for some time but has recently been revealed by cybersecurity analysts at Intezer and IBM X-Force.  What makes PureLocker so unique is that it’s written in PureBasic programming language.  Malicious software written in PureBasic is difficult for most security systems to detect.  […]

HIPAA Violations have been making headlines recently, and for good reason. Fines for violations can be crippling to companies, and the more mobile our data becomes, the greater the risk for security breech. According to the Health and Human Services website, as of September 30, 2019 the OCR has settled or imposed a civil money […]

Ascension is sharing private healthcare information with Google.  The project, dubbed “Project Nightingale,” was put into play to help Ascension centralize its patient database for the over 2600 hospitals in its healthcare system.  Patient information, including names, test results, and dates of birth are also being collected by Google to help develop a new software […]

Global social media ad spending is projected to grow by as much as 20% this year, bringing it up to the number three slot of largest advertising channels according to Zenith’s Advertizing Expenditure Forecast. Zenith is a media ad agency parented by Publicis Media. $84 billion is slated for global social media spending, exceeding print […]

Researchers at Kaspersky have uncovered a new highly sophisticated, high impact malware threat that breaks encryption:  Reductor.  According to the researchers, the malware “compromises encrypted web communications in an impressive way” and gives the threat actors behind it “capabilities that few other actors in the world have.” Reductor compromises the encrypted HTTPS communication, which enables […]

The Federal Bureau of Investigation (FBI) released a warning to U.S. businesses and organizations Wednesday regarding high-impact threats across the country.  Numerous cyberattacks have been documented recently involving ransomware.  Despite the ever-evolving attack strategies, the FBI highlights three main attack techniques that are being used by criminals to avoid detection and infiltrate businesses and organizations: […]

According to Danny Adamitis and Elizabeth Wharton from Prevailion, spear phishing emails have been targeting the U.S. utilizing an obscure file format to beat antiviral software.  They call this campaign “Autumn Aperture”.  Attackers are sending word documents to recipients with content specialized to the victim’s recent activities.  This level of specialization results in a significantly […]

Not one but THREE hospitals in the DCH Health System in Alabama are unable to accept new patients today due to ransomware: DCH Regional Medical Center in Tuscaloosa, Northport Medical Center in Northport, and Fayette Medical Center.  Cybercriminals have demanded an undisclosed amount of money for the unlock code. “A criminal is limiting our ability […]

A security researcher who goes by the Twitter handle “axi0mX” announced on Friday that there is a permanent Bootrom vulnerability “checkm8” in Apple iOS.  The flaw enables bypassing the security protections present in most Apple mobile devices.  Downside: cannot be patched.  Upside: physical access is needed  to exploit it and a system restart erases any […]