January 10, 2018
By properly identifying cyber security risks, healthcare operators will be in a better position to prioritize their limited resources in the event of a breach. This white paper addresses methods for identifying threats healthcare security professionals must prioritize, and offers best practices for maintaining healthcare operations, patient care, and business continuity in the event of an attack.
Incident Response Q&A Part I: Preparing Your Staff for a Cyber Security Incident (Including How to Respond to the Media)
Ryan Clancy, deltarisk.com, January 5, 2018
Incident response will continue to be an important cyber security priority for many organizations in 2018. We took a moment to get some deeper insight into the incident response landscape from Delta Risk Senior Consultant Ryan Clancy. Here’s part I of our incident response discussion.
Dan Goodin, arstechnica.com, January 8, 2018
The sky-high valuations of cryptocurrencies isn’t lost on hackers, who are responding with increasingly sophisticated attacks that covertly harness the computers and electricity of unwitting people to generate digital coins worth large sums of money. One example is a recently uncovered mass hack of servers that has mined about $6,000 worth of the cryptocurrency known as AEON in the past 23 days.
Maria Korolov, csoonline.com, January 4, 2018
Password managers began as free or low-cost apps for consumers, tracking passwords and sign-ins to websites and applications, making it possible for users to create and manage long, hard-to-guess and unique passwords for all their accounts. Most work by encrypting the password lists with a single master password that only the user knows, so that even the password manager company employees themselves — or hackers — couldn’t get into the password lists.
Zeljka Zorz, helpnetsecurity.com, January 3, 2018
Windows users whose PCs run on Intel processors can apparently expect their computers to slow down after next Tuesday. In fact, all computers using modern Intel chips – whether they run Windows, Linux or macOS – are expected to suffer a performance hit in the coming days. The reason for this unwelcome change is a fundamental design flaw discovered in Intel’s processor chips.
Gregory Michaelidis, techrepublic.com, January 9, 2018
For more than a decade I have advised executives in government, the private sector, and at nonprofits on communicating about the risks of cyberattacks, terrorist attacks, and natural disasters. Cabinet secretaries, CEOs, and college presidents aren’t the only voices that matter in a large organization, however; I also listen closely to CIOs and IT managers, and talk with internal and external communicators as well. I have studied examples—good and bad—of information security and disaster preparation and responses.
Greg Stiles, govtech.com, January 9, 2018
While investors are still scrambling to get on the Bitcoin, cryptocurrency blockchain train, others see the technology as a way of improving cyber security. U.S. Bank cyber security blockchain specialist Jenny Menna said the banking industry is evaluating the security benefits of using blockchain to send encrypted information.
DFM Team2, digitalforensicsmagazine.com, January 1, 2018
New ransomware – named Scarab – has been observed by PhishMe. While it shares some similarities in behaviour and distribution with Locky, there are also some distinct differences. First, Scarab does not present a ransom amount with its encryption message, instead it instructs victims on how to negotiate with the operators. Second, Scarab reports newly infected machines via a service that collects click statistics on opened or viewed artifacts, as opposed to using command and control resources.
Markus Jakobsson, informationsecuritybuzz.com, Janaury 9, 2018
Following the news that over 30,000 medical records were stolen from a healthcare organisation in Florida after an employee was deceived by a phishing email into sharing their login information, Professor Markus Jakobsson, Chief Scientist at email Security Specialist Agari commented on the situation.
Dan Raywood, infosecurity-magazine.com, January 9, 2018
Over the course of December and into the New Year, my inbox fills up with predictions for what 2018 will bring cybersecurity. At the end of 2016 we assessed a whole host of industry predictions and determined 12 topics that would dictate 2017: skills gap, ransomware, poor routine IT practices, political disruption, CIO activities, social media attacks, AI, advanced cyber-criminals, GDPR, a cloud vendor compromise and better security collaboration.