October 17, 2017 KRACK WiFi Security Vulnerability Allows Attackers to Decrypt WiFi Traffic Security researchers at the University of Leuven in Belgium have discovered a WiFi security flaw in WPA2 called KRACK. The KRACK WiFi security vulnerability affects all ... Read more
October 15, 2017 Department of Education Issues Advisory to Hacking and Extortion Threats Recently, the hacking group TheDarkOverlord has been targeting K12 schools; gaining access to networks, stealing data and attempting to extort money. In response to the ... Read more
October 8, 2017 Phishing Has Been the Leading Vector for Cyberattacks in 2017 A recent email security report from anti-phishing vendor IronScales shows that throughout 2017, the leading cyberattack vector is phishing emails, which account for almost 95% ... Read more
October 5, 2017 Responding to a Cyberattack: Advice Issued by OCR Recently, the Department of Health and Human Services’ Office for Civil Rights published new guide lines for covered organizations on the correct way to respond ... Read more
October 5, 2017 New Rowhammer Exploit Enables Hackers to Bypass Mitigations The Rowhammer exploit was first discovered in 2014 and was shown to allow attackers to take control of devices by targeting DRAM memory cells. Rowhammer ... Read more
October 5, 2017 3 Billion Accounts Compromised in 2013 Yahoo Data Breach While the 2013 Yahoo data breach was soon known to involve many of the company’s customers, it became apparent in December 2016 that 1 billion ... Read more
October 5, 2017 Flusihoc Botnet Activity Increases, Delivering Crippling DDoS Attacks The Flusihoc Botnet is being used for crippling DDoS attacks, some as high as 45 Gbps according to researchers at Arbor networks. The botnet has ... Read more
September 19, 2017 Equifax Announces Second Data Breach Occurred Five Months Ago The Equifax data breach that exposed the records of 143 million consumers was not the only data breach the firm experienced this year. Equifax has ... Read more
September 15, 2017 Three Quarters of UK Businesses Have Experienced Email Security Incidents Phishing is the number one cybersecurity threat in the UK, and UK businesses are increasingly coming under attack. A new report from the leading provider ... Read more
September 14, 2017 Beware of Equifax Data Breach Phishing Scams Consumers are being warned to be on high alert for Equifax data breach phishing scams, telephone and text message scams, and fraudulent use of their ... Read more
September 10, 2017 Equifax Data Breach Affects 143 Million Consumers A massive Equifax data breach has resulted in the exposure, and possible theft, of 143 million American’s records, including highly sensitive data such as Social ... Read more
September 7, 2017 Finding ‘Big, Juicy, Egregious’ HIPAA Breaches Priority for OCR Head The main enforcement priority for 2017 of Roger Severino, the Director of the Department of Health and Human Services’ Office for Civil Rights (OCR), is ... Read more
August 16, 2017 Getting Basics Correct Key to Avoiding Data Breaches Intrusion identification systems, next generation firewalls, insider threat management software and data encryption will all help healthcare groups recognize danger, cut out security violations, and ... Read more
August 12, 2017 Breach Notification Rule is Violated by Delaying Issuing of Breach Notifications The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) states that covered organizations to advise the HHS’ Office for Civil Rights of any violation of ... Read more
August 8, 2017 Siemens CT and PET Scanners Vulnerable to Cyberattacks The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about vulnerabilities in Siemens CT and PET scanner systems. ... Read more
August 3, 2017 NotPetya Attack on Nuance Communications Not Reported to OCR The Department of Health and Human Services’ Office for Civil Rights has previously made it clear, in its ransomware guidance, if ePHI is encrypted ransomware ... Read more
July 31, 2017 Anthem Inc Announces 18,580 Record Data Breach Anthem Inc., has recently settled a class-action lawsuit filed by the victims of its 2015 data breach that saw 78.8 million health insurance records stolen ... Read more
July 28, 2017 HIPAA Breaches Under Investigation Highlighted in OCR Data Breach Portal Update In June 2017, the Department of Health and Human Services announced it was considering an update to its data breach portal, normally called the OCR ... Read more
July 27, 2017 Global Cyberattacks Boost Sophos Quarterly Results The British cybersecurity firm Sophos has announced its quarterly results, which were much improved in no small part due to the recent WannaCry and NotPetya ... Read more
July 25, 2017 Data Breach Reporting Tool Updated by OCR Following the passing of the HITECH Act in 2009, the Department of Health and Human Services’ Office for Civil Rights developed its data breach reporting ... Read more
July 21, 2017 ITRC Report Shows Hacking Continues to be the Main Cause of Data Breaches The main cause of data breaches in the United States is still hacking according to a new report released by the Identity Theft Resource Center ... Read more
July 20, 2017 Study: Data Breaches by Ex Employees a Concern A recent study carried out by OneLogin showed many groups are not doing enough to stop data violations by ex-employees. While access to computer systems ... Read more
July 20, 2017 Ransomware Investigation Uncovered 15-Month Data Breach When Peachtree Neurological Clinic was attacked with ransomware all was not lost as data were recoverable from backups; however, the ransomware investigation revealed something far ... Read more
June 28, 2017 Global Petya Ransomware Attacks involve Modified EternalBlue Exploit Global Petya ransomware attacks are underway with the campaign bearing similar hallmarks to the WannaCry ransomware attacks in May. The attackers are using the a ... Read more
June 28, 2017 Anthem Agrees Largest Ever Data Violation Settlement The largest ever data violation settlement has recently been agreed by the health insurer Anthem Inc. Anthem was hit with a cyber attack in 2015 ... Read more
June 27, 2017 $115 Million Anthem Data Breach Settlement Agreed A $115 million Anthem data breach settlement has been agreed in the consolidated data breach case filed on behalf of the 78.8 million victims of ... Read more
June 21, 2017 CoPilot Fined $130,000 by NY AG for Breach Notification Submitted Late A data breach that happened in the second half of 2015 should have seen targeted people warned within 2 months. However it took CoPilot Provider ... Read more
June 19, 2017 New York Attorney General Fines CoPilot for Delaying Breach Notifications Under Health Insurance Portability and Accountability Act (HIPAA) Rules, covered entities must report data breaches within 60 days of the discovery of a breach. Affected ... Read more
June 15, 2017 Southern Oregon University Phishing Attack Results in Theft of $1.9 Million A Southern Oregon University phishing attack has resulted in the theft of $1.9 million from the university’s accounts – Arguably the worst phishing attack of ... Read more
June 13, 2017 Q2 Saw a 400% Increase in Phishing Attacks on Businesses The threat from phishing has been growing steadily over the past few years, but a new report from Mimecast shows the threat is greater than ... Read more