CyberSecurity Blog

Despite Scant Details on Hacks, Law Firms Poised to Pounce on Norton, Fairfax Oral Public details have been scant so far from two medical care providers about recent major hacks that compromised the personal information of an unconfirmed number of patients. But that hasn’t stopped the push by class action attorneys, who are already filing…
Read more

Amit Yoran Says Microsoft Left Critical Azure Vulnerability Unpatched for 4 Months Tenable CEO Amit Yoran once again accused Microsoft of irresponsible security practices, this time for letting a critical Azure vulnerability stay unpatched for four months. Tenable told Microsoft about a flaw in an Azure service that would allow an unauthenticated attacker to access…
Read more

Solution Architecture Director Andrew Hoyt Shares Expel’s Q1 2023 Threat Report According to Expel’s Q1 2023 Quarterly Threat Report, criminals are exploiting 1- to 2-year-old vulnerabilities. This suggests organizations don’t know which vulnerabilities pose the biggest threats to their environments, said Andrew Hoyt, Expel’s director of solution architecture.http://dlvr.it/St6BfP

Shadow IT Incident: Health Staff Shared Images and Video Using Unauthorized Tool Shadow IT strikes again: Britain’s privacy watchdog has reprimanded the NHS Lanarkshire health board in Scotland after finding its staff used WhatsApp for the unauthorized sharing of patient data and images as a workaround for in-person clinical discussions during the coronavirus pandemic.http://dlvr.it/St5xDS

ICYMI: Campaign Uses Malicious Microsoft Office Attachments A malware downloader is spoofing Italian organizations, including the tax agency, to deliver a banking Trojan to target Italian companies, said researchers. Proofpoint callsthe downloader WikiLoader; it ultimately leads to the Ursnif banking Trojan.http://dlvr.it/St44jQ

ICYMI: Network Converted Russian Rubles Into Ukrainian Hryvnia Via Cryptocurrency Ukraine blocked an illicit money laundering network operating across the country that made use of sanctioned Russian payment systems and cryptocurrency exchanges to convert Russian rubles into Ukrainian hryvnia. The “black money exchanges” network processed more than $4 million monthly.http://dlvr.it/St3zqp

Your domain name is your website’s handshake, its first hello to online visitors. It is like your digital calling card, letting people locate you in the digital world to learn about your …http://dlvr.it/St3nYb

ICYMI: Allegheny County Advises 1 Million Victims: Don’t Trust Promises to Delete Data The number of organizations and individuals affected by the Clop ransomware group’s data-stealing attack on MOVEit servers continues to rise. So far, at least 545 organizations have been affected and data from 38 million individuals has been stolen.http://dlvr.it/St3SSG

ICYMI: Healthcare entities are “stressed,” in the words of SailPoint’s Rob Sebaugh, and identity security in particular has paid a steep toll. But modernization, led by AI-driven identity security, can help reduce risk and even enable new levels of clinician autonomy.http://dlvr.it/St2bmc

Campaign Uses Malicious Microsoft Office Attachments A malware downloader is spoofing Italian organizations, including the tax agency, to deliver a banking Trojan to target Italian companies, said researchers. Proofpoint callsthe downloader WikiLoader; it ultimately leads to the Ursnif banking Trojan.http://dlvr.it/St1Lk0