Updated by Patrick Smith on May 10, 2022

Recent Cyberattacks

By being able to block Internet sites that harbor malware and ransomware downloads, companies, businesses and organizations are proactively improving their online security, rather than relying on security measures such as antivirus software that are often unable to prevent fast-acting attacks.

Hackers Infiltrate Passwordstate Notification Letters to Spread Malware

A cybercriminal group has managed to leverage email alerts, sent to notify users of an available update, in order to infect databases with malware.

The software update feature of the Passwordstate password manager was infiltrated to attack enterprise users of the password manager solution. The supply chain attack also successfully targeted account holders with malware known as Moserpass at different points from April 20 to April 22.

Anyone who requested an update using the In-Place Upgrade mechanism during that period may have downloaded the malicious file, titled Passwordstate_upgrade.zip.

HIPAA Training Requirements

One of the most important aspects of ensuring that an organization is HIPAA-compliant is implementing a rigorous and robust training program for all employees. Many data breaches occur due to employee negligence, such as leaving a laptop in a location in which it can be easily stolen or failing to lock important files in a secure drawer. Ignorance about basic IT safety practices may result in employees accidentally falling for phishing emails, and phishing attacks often end with significant data theft.

HIPAA Security Awareness Training Guidelines

In addition to an annual refresher training session, security reminders should be sent to the workforce more frequently to keep security fresh in the mind and to reinforce training. The HIPAA Security Rule specifically mentions security reminders. If these are not issued, the reason for that decision must be documented.

Employees Returning to Offices Targeted in New COVID-19 Phishing Campaign

As workers begin to return to offices following the COVID-19 vaccine rollout, hackers are launching new campaigns to take advantage of this turn of events.

SEIU 775 Benefits Group Data Breach Impacts 140,000 Individuals

Service Employees International Union 775 (SEIU 775) Benefits Group, a benefits administrator for home healthcare and nursing home staff, has been infiltrated by a hacking group who managed to remove a range of sensitive data.

GitHub Repository Weaknesses Create Attack Points

Created in 2008, GitHub has recorded massive growth amongst developers and companies for its hosting, sharing and software code capabilities. These are available for both open source and proprietary code, making it very popular, with more than 100 million code repositories currently on the platform.

Personal Trainer Awarded €18.5k for Accident involving Taxi Driver - News

As he was awarding personal injury compensation of €18,500 to a personal fitness trainer, Judge Justice Brian O’Callaghan commended the plaintiff for continuing to share workout videos of himself on social media platforms despite suffering injuries in an accident involving a taxi in the Aldi car park in Ennis on June 11, 2017.

Data Breaches at Arizona Asthma and Allergy Institute, Stillwater Medical Center and Nebraska Department of Health an...

Arizona Asthma and Allergy Institute sent breach notification letters to 70,372 patients who obtained services between October 1, 2015 and June 15, 2020.

New MosaicLoader Malware Distributed via Online Ads for Pirated Software - WebTitan DNS Filter

A new malware variant has appeared that is being pushed out via malicious search engine advertisements that appear at the top of the listings for searches A dangerous new malware downloader dubbed MosaicLoader is being distributed via online ads masquerading as pirated software.

Attacks on Windows and Linux Systems Using LemonDuck Malware Increasing

Those managing the LemonDuck malware campaigns have increased their activity, whilst introducing new attack features, in the last few weeks.

Fake Kaseya Update Used in MSP Cobalt Phishing Campaign

It is believed that, on July 2, the managed service provider (MSP) customers of Kaseya were impacted in a ransomware attack. Leveraging the Kaseya Virtual

Businesses Face Massive Challenges as Phishing Attacks Surge

Since the beginning of 2020 there has been a noticeable spike in the amount of ransomware attacks recorded. Less noticeable however, has been that

Ransomware and BEC Attacks Often Start with a Phishing Email: Are Your Phishing Defenses Good Enough? - SpamTitan

Ransomware attacks can be incredibly expensive and business email compromise (BEC) scams can result in transfers of millions of dollars to attackers, but Ransomware and BEC attacks are the costliest data breaches to resolve and often start with a phishing email. Are your phishing defenses up to scratch? Will they prevent costly data breaches?

New Phishing Tactic Identified in Campaign Spoofing Well Known Brands

Phishers are constantly changing their tactics, techniques, and procedures to evade security solutions and fool end users into disclosing sensitive Doctored corporate logos that substitute letters for mathematical symbols are being used in a phishing campaign to evade AI-based email security solutions.

HIPAA Training Explainer

HIPAA training is essential for full compliance. This article outlines some of the most essential aspects of HIPAA and offers recommendations on how to conduct employee training courses.

Advantages of an Email Archiving Solution for Exchange

Find out more about the advantages of implementing a true email archiving solution for Exchange and the best solution to implement.

GDPR Password Policy

Organisations must update their business practices to ensure they are compliant with the strict standards outlined by GDPR. This article specifically explores what GDPR says about an organisation’s password policy.

Personal and Health Information of 398K Patients Exposed in Mon Health Phishing Attack

Healthcare data carries a high value on the black market as it can be monetized in a variety of ways. One of the main methods used to gain access to the A phishing and BEC attack on Mon Health has resulted in a fraudulent bank transfer and the exposure of the personal and health data of 398,000 individuals.

Accellion Proposes $8.1 Million Settlement to Resolve Class Action Data Breach Lawsuit - NetSec.News

Accellion has proposed an $8.1 million settlement to resolve a class action data breach lawsuit related to the December 2020 cyberattack on its legacy File Transfer Appliance.

Email Retention Legislation in the U.S. - ArcTitan

Email retention legislation in the U.S. requires companies to maintain copies of emails for many years. Here's a summary of U.S. email retention laws.

What is an Email Filtering Service?

Small and medium sized businesses are being targeted by cybercriminals and email is the primary attack vector. An email filtering service can provide protection against these threats and prevent phishing and malware-laced emails from reaching inboxes.

Lapsus Ransomware Gang Ups the Ante with Impresa and NVIDIA Attacks - SpamTitan

The Lapsus ransomware gang has arrived on the scene and has already claimed several high-profile targets, with victims including Impresa – the largest Lapsus ransomware attacks involve data theft, encryption, data leaks, phishing attacks on customers, and social media takeover.

Critical Infrastructure Organizations Warned About AvosLocker Ransomware Attacks

The FBI and U.S. Treasury have issued a joint cybersecurity advisory warning critical infrastructure organizations to implement mitigations to prevent AvosLocker ransomware attacks.