Scanning for Flaws, Scoring for Security

Krebs on Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair or not, a number of nascent efforts are using just such an approach to derive security scores for companies and entire industries. the security posture of vendor partners).

Business ID Theft Soars Amid COVID Closures

Krebs on Security

based cyber intelligence firm Hold Security has been monitoring the communications between and among a businesses ID theft gang apparently operating in Georgia and Florida but targeting businesses throughout the United States.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

The attacks targeted a major utility provider, a university, and a government agency in the United States, a health agency in Canada, a health insurance provider, an energy company in Australia, and a European medical publishing company to deliver various malware families.

GUEST ESSAY: HIPAA’s new ‘Safe Harbor’ rules promote security at healthcare firms under seige

The Last Watchdog

The Health Insurance Portability and Accountability Act — HIPAA — has undergone some massive changes in the past few years to minimize the burden of healthcare entities. Meanwhile, the healthcare sector accounted for 79 percent of all reported data breaches during the first 10 months of 2020, a study by Fortified Health Security tells us. Last year, the government saw that even the most security-conscious organizations could not prevent cyber attacks.

List of data breaches and cyber attacks in May 2021 – 116 million records breached

IT Governance

If you find yourself facing a cyber security disaster, IT Governance is here to help. unknown) Criminal hackers attack Ehrmann, demand millions in ransom (unknown) Criminal hackers attack Energy Hamburg Radio (unknown) Chemical distribution company Brenntag paid a $4.4

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Hunton Privacy

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. According to the Draft Regulations, operators of key information infrastructure should establish a system to inspect their key information infrastructure and evaluate its security aspects and possible risks. This post has been updated. .

State Attackers Moving from Stealing Data to Social Meddling

Ascent Innovations

The utilities and energy industries experienced high indicators of attack activity, suggests that attackers have access to critical infrastructure and are waiting to exploit this access. While modern email security solutions can detect and stop emails with malicious attachments, they are still largely ineffective in detecting hyperlinks to malicious websites. State actors tend to zero in on government agencies or utilities and energy targets.

NHTSA Releases New Automobile Cybersecurity Best Practices

Hunton Privacy

The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”). NHTSA also recommends the use of certain industry standards such as ISO 27000 series standards, and other best practices, such as the Center for Internet Security’s Critical Security Controls for Effective Cyber Defense.

The Internet of Things (IoT): Managing the Data Tsunami

Collibra

The Internet-of-Things has the potential to transform a range of industries – from automotive and agriculture through to healthcare, home appliances and insurance services. But exactly how that data is utilized (and potentially monetised) will differ across sectors. For example, data collected by wearable health-tracking devices has become of increasing importance and value to providers of life and medical insurance. How it is secured.