Elizabeth Hernandez
HIPAA Security Awareness Training
HIPAA security awareness training should have the objective of showing members of the workforce why it is important to protect the confidentiality, integrity, and availability of individually identifiable health information as well as explaining cybersecurity best practices to prevent unauthorized … Read more
UMC Health System Hit by Ransomware Attack
In late September 2024, the UMC Health System in Lubbock, Texas, suffered a ransomware attack that greatly affected its IT infrastructure. The attack forced the health system to divert ambulances and patients to other hospitals as its systems were offline. … Read more
Vulnerabilities in Linux CUPS Printing System Expose Network Risks
Linux systems have recently come under threat due to a set of Remote Code Execution (RCE) vulnerabilities identified in the Common Unix Printing System (CUPS). These vulnerabilities, classified as severe, have the potential to enable unauthorized attackers to run arbitrary … Read more
Minimum Cybersecurity Standards Proposed in Healthcare Bill
A new bill, the “Health Infrastructure Security and Accountability Act of 2024,” has been introduced in the U.S. Senate to strengthen cybersecurity standards for healthcare information systems. This legislative proposal aims to implement strict security protocols across the … Read more
Storm-0501 Threatens Hybrid Cloud Security with Ransomware Attacks
The financially motivated cybercriminal group known as Storm-0501 is targeting U.S. industries, including government, manufacturing, transportation, and law enforcement, through ransomware attacks on hybrid cloud environments. Microsoft has detailed how this group’s multi-stage attack campaigns compromise on-premises systems, steal credentials, … Read more
New Bill Tackles Chinese Cyber Threats to US Infrastructure
The U.S. House Homeland Security Committee has introduced new legislation aimed at strengthening the nation’s cybersecurity defences against threats from China. This bill establishes an interagency task force to assess the risks posed by state-sponsored cyber actors, including groups like Volt … Read more
Lessons from Suffolk County’s Ransomware Attack
In September 2022, Suffolk County, New York, became the victim of a ransomware attack carried out by the AlphV/BlackCat group. This incident crippled government services for months, disrupted emergency operations, and cost the county over $25 million in remediation. A … Read more
HIPAA Compliance on Resume
Including HIPAA compliance on a resume is important for candidates in healthcare, IT, administration, and other fields handling sensitive health information. Including this skill emphasizes an understanding of patient privacy and data protection standards, making it particularly relevant for roles … Read more
Change Healthcare Data Breach Latest Update
In February 2024, Change Healthcare suffered a ransomware attack that exposed sensitive personal and medical data. This breach affected millions of Americans, potentially impacting up to one-third of the U.S. population. By mid-July 2024, Change Healthcare began sending notification letters … Read more
NIST’s New Guidelines for Digital Identity Security
The National Institute of Standards and Technology (NIST) has released the second public draft of its updated Digital Identity Guidelines, aiming to improve the way people verify their identity online. The updated guidance focuses on both traditional identification methods, such … Read more
OCR Issues Advice on Importance of Facility Access Controls in Latest Cybersecurity Newsletter
The Office for Civil Rights (OCR) has issued a reminder to all HIPAA-regulated entities through its latest cybersecurity newsletter. Facility Access Controls are not a formality; they are a necessary part of securing electronic protected health information (ePHI). As cyber … Read more
The Hidden Security Threat in Contactless Key Cards
A security flaw has been discovered in millions of contactless key cards used worldwide for office and hotel access. French cybersecurity firm Quarkslab has identified a hardware backdoor in chips manufactured by Shanghai Fudan Microelectronics Group, a leading supplier of … Read more
Flawed NetSuite Setup Leaves Customer Data Exposed
Thousands of Oracle NetSuite SuiteCommerce sites have been found vulnerable to exposing sensitive customer data due to misconfigured access controls on Custom Record Types (CRTs). This issue emanates from user misconfigurations rather than a flaw in NetSuite, potentially exposing personal … Read more
Global Disruption from CrowdStrike Falcon Sensor Update
An incident involving CrowdStrike’s Falcon Sensor software recently led to a global crash of millions of Windows devices. The root cause analysis conducted by CrowdStrike traces the issue back to a problematic content update, pointing to the requirement of testing … Read more
Understanding HIPAA Training Requirements
Understanding HIPAA Training Requirements The Health Insurance Portability and Accountability Act (HIPAA) training requirements ensure that healthcare organizations and their business associates comply with the regulations designed to protect the privacy and security of Protected Health Information (PHI). Familiarizing yourself … Read more
MOVEit Hack Impacts Delta Dental of California and Pan-American Life Insurance Group
MOVEit Hack Impacts 7 Million People from Delta Dental of California. Delta Dental of California reported that it was affected by the Clop hacking group’s mass exploitation of a zero-day vulnerability identified in the MOVEit Transfer solution by … Read more
Unauthorized Use of Software and Cloud Services is a Major Security Risk
Many businesses concentrate on technical measures to protect them against cyberattacks. They invest in firewalls, multifactor authentication, advanced email security solutions, and web filters to block attacks at source, yet often neglect the human factor and do not provide adequate … Read more
Malvertising Campaign Leads to Cactus Ransomware Attack
There are many ways that cybercriminals gain access to business networks, including phishing attacks and exploiting unpatched vulnerabilities. Many businesses now provide security awareness training to employees to improve phishing awareness, but it is also important to teach the workforce … Read more
Email Sextortion Scams are on the Rise
Email is commonly used by threat actors for initial contact with victims, and while most attacks attempt to steal credentials or distribute malware, another type of scam has been steadily increasing. Sextortion scams have increased by 178% year over … Read more
Cybercriminals Turn to Web Browsing to Deliver Ransomware
Ransomware attacks have increased significantly in 2023 and the file encrypting malware is now used in around 20% of cyberattacks. Ransomware is used to encrypt business-critical files to prevent access, and a ransom demand is issued for the keys to … Read more
Search Engine Ads Abused to Gain Initial Access to Business Networks
Employees are being targeted in a new malvertising campaign that uses Google and Bing Ads offering a variety of trojanized installers for software solutions such as AnyDesk, Cisco AnyConnect VPN, and WinSCP. These campaigns deliver malware that establishes initial access … Read more
Malicious Ads and Phishing Emails Used to Distribute RomCom Malware
RomCom malware is being distributed via a range of websites that claim to offer downloads of popular software solutions such as AstraChat, GIMP, Go To Meeting, and ChatGPT, and traffic is being sent to those websites by malicious Google Ads … Read more
Threat Actors Increasingly Using Google Ads for Malware Distribution
Malicious actors are abusing Google Ads to drive traffic to malicious websites where malware is downloaded, and abuse of Google Ads for malware distribution is increasing. Google places its Ad blocks at the top of the page, so the adverts … Read more
Major Phishing Campaign Targets Facebook Credentials
While many phishing scams target Microsoft 365 credentials due to the usefulness of the accounts and the data they hold, social media credentials are also highly prized. If a phisher is able to steal Facebook credentials, they can gain access … Read more
Increase in Adversary-in-the-Middle Phishing Attacks That Allow MFA to be Bypassed
Security experts have long recommended that multi-factor authentication be implemented to protect against phishing attacks and for good reason. Single-factor authentication – a password – provides a degree of protection against unauthorized account access; however, with modern GPUs, it is … Read more
Cybercriminals Turn to Malvertising for Malware Distribution Now Microsoft Blocks Macros
Now that Microsoft has started blocking macros in Office documents delivered via the Internet, distributing malware via email has become more difficult and hackers have been forced to change their tactics, techniques, and procedures. This has been seen in phishing … Read more
2022 Phishing Trends and the Outlook for 2023
Several new phishing trends were evident in 2022 as cybercriminals changed their tactics for stealing credentials and distributing malware. The same tried and tested techniques were used in many phishing campaigns, including delivery failure notifications, fictitious charges to accounts, security … Read more
Relatively Simple Smishing Attack Compromised 130 Organizations
Phishing can take many forms and while email phishing is by far the most common way that threat actors phish for sensitive information and distribute malware, other forms of phishing are increasingly being used in attacks on businesses. Cybercriminals are … Read more
Tardigrade Malware Used in Targeted Attacks on Vaccine Manufacturers and Biomedical Firms
Biomedical firms and their partners are being targeted by an Advanced Persistent Threat (APT) actor in a campaign that delivers Tardigrade malware. Initial analyses of Tardigrade malware suggest it is a sophisticated threat from the SmokeLoader malware family. SmokeLoader is … Read more
SharkBot: A Dangerous New Android Banking Trojan Targeting European and US Banks
A new Android banking Trojan named SharkBot has been identified that has capabilities that go beyond most mobile banking Trojans. This new Android malware stands out due to its use of an Automatic Transfer System (ATS) technique that allows it … Read more
Rockingham School District Emotet Malware Infection Cost $314,000 to Address
In November 2018 the Rockingham school district in North Carolina suffered an Emotet malware infection that cost a massive $314,000 to resolve. The malware was delivered using spam emails, which were sent to multiple users’ inboxes. The attack included an often-used … Read more
Two New Ransomware-as-a-Service Operations Emerge: BlackMatter and Haron
Following the ransomware attacks on critical infrastructure in the United States, several ransomware-as-a-service operations went quiet. The attacks attracted a lot of heat for ransomware gangs and several groups responded by either implementing new restrictions on the types of entities … Read more
Safari Scareware Targets Porn Viewers
A flaw in the mobile Safari browser has been targeted by cybercriminals and used to extort money from people who have previously used their mobile device to access pornography or other illegal content. The Safari scareware stops the user from … Read more
Ransomware Mitigations to Protect Your Business
It has been a particularly bad year for ransomware attacks on businesses. Many of the attacked businesses have been unprepared for a ransomware attack and did not implement sufficient ransomware mitigations. Had proactive steps been taken, many of the attacks … Read more
Warnings Issued Following Spike in Ransomware Attacks on Schools
The disruption to learning from a pandemic that has lasted more than a year is bad enough, but many schools have experienced even more disruption just as many have opened their gates and allowed students back into classrooms. The SARS-CoV-2 … Read more
Gootloader Malware Delivery Framework Uses SEO Poisoning to Deliver Multiple Malware Variants
There has been an increase in the use of a JavaScript-based infection framework known as Gootloader for delivering malware payloads. Gootloader, as the name suggests, has been used to deliver the Gootkit banking Trojan, but also REvil ransomware, Cobalt Strike, … Read more
U.S. Treasury Hit by Email Hacks
Email account compromises take place many times around the world every day of the week, and it is estimated that 2.5 billion accounts were hacked during 2019, which equates to 6.85 million accounts being hacked every day. Cybercriminals are always … Read more
Vulnerability in VMWare Virtual Workspaces Attacked by Russian State-Sponsored CyberCriminals
The U.S. National Security Agency (NSA) has released a cybersecurity advisory alert informing the public that Russian state-sponsored hackers are focusing on a flaw in VMWare virtual workspaces used to support remote working. The flaw, labelled as CVE-2020-4006, is present … Read more
APT32 and TA416 APT Groups Delivering New MacOS and Windows Malware Variants
The Advanced Persistent Threat (APT) group APT32 – aka OceanLotus – is conducting a malware campaign targeting Apple MacOS users. APT32 is a nation-state hacking group that primarily targets foreign companies operating in Vietnam. The data exfiltrated by the hackers … Read more
IRS Phishing Spoof Involving Request for Outstanding Tax Payment Discovered
A recent phishing campaign has been discovered that spoofs the US Internal Revenue Service (IRS) and tells recipients that they are facing immediate legal action to recover a huge tax repayment. These emails are expertly written and demand immediate … Read more
Best Practices for Managed Services Providers to Adopt to Prevent Cyberattacks
Managed Service Providers are an attractive target for cybercriminals. If a threat actor succeeds in gaining access to an MSP’s network, they can use the same remote management tools that MSPs use to conduct attacks on the MSP’s clients. Many … Read more
500k PCs Infected with Cryptocurrency Mining Malware in 12 Hours by Dofoil Trojan
A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is otherwise referred to as Smoke … Read more
Cybersecurity Challenges for Remote Working
It is fair to say that more people are now working from home than ever before and the number is growing rapidly due to the coronavirus pandemic. Here we explore some of the key cybersecurity challenges for remote working and … Read more
How to Prevent a Man in the Middle Attack
You will no doubt have heard of a man in the middle (MiTM) attack. Here we define this attack method, explain how a MiTM attack occurs, and show you how to prevent a man in the middle attack and keep … Read more
Tips to Avoid Holiday Season Spam Email Campaigns
In the rush to buy Christmas gifts online, security awareness often is disregarded and hackers are waiting to take advantage. Hidden among the countless emails sent by retailers to inform past customers of the most recent special offers and deals … Read more
Spam Campaigns Delivering Marap and Loki Bot Malware with ICO and IQY Files
A spam email campaign is being conducted that targets corporate email accounts to distribute Loki Bot malware. Loki Bot malware is a data stealer capable of obtaining passwords stored in browsers, obtaining email account passwords, FTP client logins, cryptocurrency … Read more
Email Spam and Botnet Infection Levels Quantified
Although many reports seem to indicate that email spam is dropping, email spam and botnet infection is still a major danger for most U.S. organizations and people – with criminal practices netting hacking gangs billions of dollars every year. Estimating … Read more
Threat of Exposure & Multiple Malware Infections being Combined with Sextortion Scams
Sextortion scams have proven popular with hackers in 2019. A well-composed email and an email list are all that is necessary. The latter can easily be bought for next to nothing via darknet marketplaces and hacking forums. Next to no … Read more
Anatova Ransomware: A Serious New Malware Threat for 2019
Anatova ransomware is a new cryptoransomware variant that appears to have been released on January 1, 2019. It is stealthy, can infect network shares, and has already been used in attacks in many countries around the world. It could well prove … Read more
How Small Businesses Can Improve Wi-Fi Security
Hackers are taking advantage of poor Wi-Fi security to attack small businesses. This post covers simple steps to take to improve Wi-Fi security to block cyberattacks. Small businesses can implement a robust firewall to protect against cyberattacks, but the Wi-Fi … Read more