Petronella Cybersecurity News

As we have previously reported, the spotlight glaring down on teleconference giant, Zoom, during this Covid-19 lock-down has uncovered some pretty major security breaches. Fortunately for those quarantined around the globe, it appears that the company is putting some real effort into fixing those issues. Zoom 5.0 Update Zoom is apparently working on updates to […]

Working from home during the global pandemic has allowed the nations of the world to keep their economies limping along while they search for a fix, but it has come with a price.  Many remote workers’ home offices are utilizing Virtual Private Networks, or VPNs, to to log in, but they lack the level of […]

I don’t think we can stress this enough… Cybercriminals have ZERO shame. They don’t even blink at exploiting a global pandemic for their own personal gain.  How do we know that?  By the increase in ransomware and distributed denial-of-service (DDoS) attacks during global lock down, when  the need to access networks and online businesses is […]

With the halt of HIPAA (Health Insurance Portability and Accountability Act of 1996) audits by the Department of Health and Human Services’ Office (HHS) for Civil Rights (OCR), the healthcare industry is seeing a decline of about 2% annually in compliance with HIPAA’s Security Rule (NIST 800-66).  With that, however, has been a rise in […]

It’s a lot easier to get away with bad deeds when the attention isn’t on you… Which is a lesson Zoom is learning right about now,  as the business booms in the wake of the global pandemic. In addition to all the other privacy concerns we outlined in our previous article about Zoom, a recent […]

With the Coronavirus raging, more and more people are working remotely than ever before.  Meaning there are more people using online platforms than ever before to conduct meetings, share work and generally communicate with co-workers than ever before. Unfortunately, that also means more hackers are able to take advantage of employees working from home than […]

While it can be argued that many groups haven’t necessarily had the best reactions to this pandemic that is majorly impacting lives around the globe, one group who deserves serious accolades is the COVID-19 CTI League,  which is a group of 400 cyber security volunteers spanning over 40 countries, who have taken it upon themselves […]

Private data is prone to exposure by an as-yet patched bug in Apple’s most recent iOS 13.4, due to a VPN bypass issue that fails to terminate all connections, thus leaving behind traces of data that are, nonetheless, unprotected. But as Apple works on the patch, researchers recommend users take the following steps to decrease […]

Hackers have wasted no time in exploiting the chaos being wreaked on the world by the Coronavirus by hijacking routers and changing DNS settings to redirect their targets to fake Coronavirus apps and infecting their devices with Oski malware that steals their information.  So far, over 1,000 victims have been reported. Though the scam started […]

Right now, in this time of utter uncertainty, there is a lot of anxiety going around and a lot of questions that just can’t be answered yet: “Can I still work?” “Will I have enough supplies to survive?” “Am I going to be able to keep my home office safe from hackers?” One thing you […]

A disruption to your routine, like social distancing to avoid making a pandemic worse, can be the source of stress and anxiety.  If this is your first time working from home, however,  you should know that there are a lot of benefits!  While the thought of working while your children run around the house may […]

Working from home right now in the early days of a pandemic is the best case scenario for attempting to stop the spread of the Coronavirus.  A lot of people think this is just another flu, but it’s not, and the differences between COVID-19 and the flu or the common cold are important in understanding […]

There are a myriad of reasons not to allow workers to work remotely… From security concerns to productivity issues, it’s hard to give up the ability to monitor what your staff is doing. But there are certain times when it is the only real option you have.  One of the biggest advantages to being able […]

After a year-long study of the US’s cyberdefense abilities, a bipartisan congressional committee has concluded in a 122-page report, that we are not properly prepared for cyberattacks from adversaries, including Russia, N. Korea and Iran and in fact is calling for a complete overhaul of both offensive and defensive cybersecurity actions including, but not limited […]

It’s no coincidence that the maturity levels in the new Cybersecurity Maturity Model Certification (CMMC) are being referred to as levels of “cyber hygiene.”  The World Health Organization (WHO) has been advising us that the most efficient way to protect against the Coronavirus (COVID-19) is to wash our hands regularly for at least 20 seconds […]

What is Breach Fatigue? You know when you are craving a food… Let’s say pepperoni pizza.   You think about it all day.  You dream about it at night.   You’re trying to watch your figure but that warm, stretchy, gooey, deliciousness won’t stop haunting you. So you give in.  You’re going to have “just one slice” […]

By this point, you should hopefully understand that the purpose of the Cybersecurity Maturity Model Certification (CMMC) is to simplify cybersecurity for federal contractors and sub-contractors. Katie Arrington, the DOD’s Chief Information Security Officer for Acquisition and Sustainment, noticed (quite aptly) that “self-certifying” just wasn’t cutting the cake, so to speak.  Hackers were targeting contractors, […]

State Department officials blamed the Russian military intelligence agency’s (GRU) Main Center for Special Technology (GTsST), for cyberattacks targeting the country of Georgia this past October; attacks that not only impacted thousands of websites, but actually disrupted two Georgian networks.  This is the first time the US State Department openly linked the GTsST to Sandworm, […]

Sometimes, government requirements and regulations can make you feel like you are Alice falling down new rabbit holes, trying to figure out just what exactly your business needs to do to win (and keep) your contracts and subcontracts. Do you need to be NIST certified? SP 800-53 or SP 800-171, or both?  What are FARS […]

Beginning today, February 25, 2020, Mozilla will now automatically send all of their US-based customers’ DNS queries to Cloudflare DNS servers, as opposed to the default DNS servers set by their users via their new feature, DNS-over-HTTPS (DoH). DoH executes DNS look-ups over an encrypted server instead of just sending them over plaintext, making it […]