ZDNet has reported that a security flaw in libssh “leaves thousands of servers at risk of hijacking.” (CVE-2018-10933) This was a well written article. However, we believe Catalin Cimpanu, the author, understated the actual risk to organizations when he said “most servers, IoT devices, and personal computers [use the non-vulnerable] openssh instead of libssh.”
Last week our content manager, Mindy Affrime, sent me an article about the risks associated with Medical IoT Devices. The article caught my attention because of the author. It was published by the Cyber Security Engineering Department at the University of San Diego. The article names four areas they believe “will be particularly vulnerable to
Published: May 23, 2017 Security Research By: Vikas Singla & Jason Morris Executive Summary: Exploit: The Split Tunnel SMTP Exploit allows an attacker to bypass an organization’s email security gateway and inject messages with malicious payloads directly into the victim’s email server. This exploit targets a newly discovered vulnerability in popular Email Encryption appliances as a backdoor. Injectable payloads
An update on the WannaCry Ransomware attack. (Source: NY Times) With the clock ticking on whether a global hacking attack would wipe out his data, Bolton Jiang had no intention of paying a 21st-century ransom. Since a week ago, when the malware first struck, Mr. Jiang has been busily fixing and replacing computers at the
The latest on the Bronx Lebanon Hospital cyberattack. (Source: NBC News) Medical records of at least 7,000 patients were compromised in a data breach involving Bronx Lebanon Hospital Center in New York. This hack disclosed patients’ mental health and medical diagnoses, HIV statuses and sexual assault and domestic violence reports, according to records reviewed by
Frost & Sullivan highlights 5 IoT growth areas for 2017 It’s May already, and analysts have begun thinking ahead and considering how the rest of this year is likely to shape up in terms of IoT growth. IoT cybersecurity is on everyone’s mind. The Frost & Sullivan report, European Internet of Things Market Outlook 2017,
A clinic in Baltimore is just one example of a healthcare provider having its records stolen, only to find them for sale on the Dark Web for less than $0.01 per record. Last August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according
Palikan is a browser hijacker that is bundled with other free software that you download off of the Internet. Once installed it will set the homepage and search engine for any installed browsers to http://www.palikan.com without your permission. This itself is not considered malicious as there are many legitimate programs that change these settings as
IBM’s 2016 X-Force Threats Intelligence Index was just released. The stats are amazing. Several major data breaches thrust cybersecurity into the global spotlight in 2016. In the Asia-Pacific region, for example, cybercriminals stole 100 GB of government data from the Indian state of Kerala and made off with 300 GB of voter data in the
Lying in a hospital bed, the last thing you should have to worry about is a personal data breach. Yet recent research co-authored by a Michigan State University business scholar found nearly 1,800 occurrences of large data breaches in patient information over a seven-year period. The study, by Xuefeng “John” Jiang, MSU associate professor of
New Mexico is the latest state to enact a statute that requires that their residents be notified when there has been unauthorized access or use of the individuals’ personally identifiable information (PII). With the passage of New Mexico’s statute, Alabama and South Dakota will be the only two remaining states without equivalent laws. The Data Breach
On February 7, 2017 , the team at Securolytics reported on the massive Yahoo breach which affected 500 million of their customers. Yesterday the US Gov’t indicted Dmitry Dokuchaev, Igor Sushchin, Alexsey Belan, and Karim Baratov—for carrying out that Yahoo hack. The indictment unsealed Wednesday by US authorities against two agents of the Russian Federal Security
Securolytics Web Security detects attempted communication by VoluumTrk Mobile Adware. We thought it would be useful to provide a description of how this programs works to illustrate how Securolytics Web Security protects our customers from having potentially problematic programs introduced into their systems.
Are you satisfied with your IT Security? The experts at Securolytics are working everyday to counter and defeat Healthcare Cybercrime. Is your Healthcare Organization proactive in stopping hackers and cyber criminals? These stats will remind you that the time is now to fight back!
Fast Food Chain Arby’s credit card users attacked. Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if KrebsOnSecurity heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told that site that it recently re-mediated a breach involving malicious software
The team at Securolytics wants our clients and partners to be informed. Here is the newest report from Yahoo about a breach that affected 500 million Yahoo accounts. Yahoo‘s newly issued warning to users about malicious hacks is related to a third data breach that the company disclosed in December 2016.
This Network World article is a fantastic reminder that our emails are still BIG targets for cybercrime. All organizations must stay vigilant. Proactive Prevention is the Best Defense! www.networkworld.com/ Spam is making a surprising resurgence as a threat to corporate security and becoming a more significant carrier of attacks as varied as spear phishing, ransomware
Securolytics is always on the look out for important and current surveys/reports on the state of IT Security. We want our clients and all organizations to be informed. This survey is very telling. If you have an IT Security survey or report you would like to share, please send it to us. We will post
In Dark Reading, a look at Flashpoint’s first “Business Risk Intelligence Decision Report.” In 2017, IoT is a major concern for most organizations. Read on Dark Reading. A new report aims to inform risk management decisions for 2017 by identifying potential security threats and their anticipated effect on businesses.
Our congrats to Georgia Tech. Last month, Georgia Tech was granted a $17.3 million cybersecurity research contract by the US Department of Defense. Their mandate- to help establish new science that quickly, objectively and positively identifies the virtual actors responsible for cyberattack. The IT Security experts at Securolytics are so proud that our University is embarking
Securolytics is working with the Healthcare Industry to proactively defeat CyberCrime. This excellent article looks at the new IoT devices and how they are affecting and providing more opportunity for hackers. Please learn more from our partners More is not necessarily merrier when it comes to health information technology, as this year’s plague of hacking
Securolytics is in the forefront of proactively detecting and disarming hackers and identity theft in businesses large and small. Here are some of the major breaches that occurred around the world in 2016 which are important to be aware of. In later articles, we will analyze in depth some of these attacks, so we can
Securolytics Web Security detects attempted communication by PCKeeper software and related toolbars. We thought it would be useful to provide a description of how PCKeeper works to illustrate how Securolytics Web Security protects our customers from having “Potentially Unwanted Programs” like PCKeeper introduced into their systems.
Securolytics Web Security detects attempted communication by MacKeeper software and related toolbars. We thought it would be useful to provide a description of how MacKeeper works to illustrate how Securolytics Web Security protects our customers from having “Potentially Unwanted Programs” like MacKeeper introduced into their systems.
Last week, Forrester, one of the world’s most influential research and advisory firms, released its “Predictions 2017: Security and Skills Will Temper Growth of IoT” report. “IoT holds the promise to enhance customer relationships and help drive business growth, however, it brings multifaceted complexity”, the report states.
Securolytics Web Security detects attempted communication by the Mindspark family of adware and toolbars. We thought it would be useful to provide a description of how these programs work to illustrate how Securolytics Web Security protects our customers from having potentially problematic programs introduced into their systems.
According to the US Department of Homeland Security, “the infections of ransomware, which encrypts critical data and demands payment for its release, are typically triggered by office workers clicking on malicious emails. This prevalence of ransomware is creating significant implications for the business community, with 4,000 ransomware attacks occurring every day, reportedly earning cyber criminals
According to a survey by PricewaterhouseCoopers, almost 70% of connected IoT devices lack fundamental security. According to analyst firm IDC, “the number of IoT devices will grow from approximately 6 billion in this decade to 28 billion in 2020 — a staggering number. The market for wearable smart devices alone is expected to increase at
The second in Securolytics IoT Security Blog Series According to a survey by PricewaterhouseCoopers, almost 70% of connected IoT devices lack fundamental security. According to analyst firm IDC, “the number of IoT devices will grow from approximately 6 billion in this decade to 28 billion in 2020 — a staggering number. The market for wearable
The team at Securolytics is excited to present the first of our blog series on IoT Security. There is no Technology Security issue that has more people talking and businesses struggling for solutions. Why? Simple- IoT is a real security risk for businesses and no one is predicting that the need for IoT security is
In 2015, the healthcare industry was responsible for 66.7% of the 170-million records compromised in the United States through data breaches, according to the Identity Theft Resource Center. Cyber criminals gained access to PHI stored on machines by creating more sophisticated and more frequent network attacks. In our blog posting, “Inside the Excellus Breach“, we
Google has just released a report that in 2015 an estimated 800,000 sites were infected with drive-by download malware and other malicious content. The study specifies that 16,500 websites were newly attacked each and every week which adds up to this whopping total of 800,000 compromised sites.
The latest count from the Identity Theft Resource Center (ITRC) reports that there have been 227 data breaches recorded through April 5, 2016, and that more than 6.2 million records have been exposed since the beginning of the year. The total number of reported breaches has increased by 50 in the past two weeks.
Cyber attackers have gone back to the basics with the release of a new strain of ransomware malware that locks up compromised devices without encrypting files. Now they just lock up your business’ devices and hope you pay. Securolytics partner Cyphort Labs discovered the threat- here is what you need to know.
Hollywood Presbyterian Hospital is an old and respected medical center deep in the heart of Hollywood. Its stucco buildings and the nurses and doctors within its walls have been healing and caring for Hollywood residents since 1924. On February 5th, they experienced what all Health Care facilities fear. Their technology infrastructure came to a grinding halt.
Data Loss Prevention (DLP) technologies identify, monitor and protect data in use or in motion on the network, as well as data at rest in storage or on desktops, laptops, and mobile devices. While organisations are more successful at filtering incoming malicious content and deflecting unauthorised entry attempts, they are lagging behind with implementing technical
Business owners are becoming more and more aware that their companies are losing productivity when employees shop and social network on company time. To counter this- Web Filtering is becoming a necessity no longer a luxury. It allows for increased productivity with advanced, real-time content filtering and the ability to block access to the websites