Texas Refuses to Pay $2.5M in Massive Ransomware Attack
The state of Texas is so far refusing to comply with the demands of a ransomware attack that affected 22 local governments, the Texas Department of Information Resources (DIR) reports. None of the affected municipalities have paid the $2.5 million ransom demanded. On August 16, a coordinated ransomware campaign hit systems of cities and towns…
Should social media organizations be subject to strict privacy regulation?
80% of IT security professionals agree that more security and privacy legislation is needed, especially for social media organizations that store personal data. However, nearly the same number of respondents (82%) don’t believe their elected officials understand cyber risks well enough to develop and enact effective security regulation, a Venafi survey reveals. 384 IT security…
The global impact of 5G technologies
A white paper produced by Rysavy Research and 5G Americas technical experts explores the intensifying role of wireless communications, the evolution of its technology, emerging services and use cases, and a timeline of future developments through 2030. “The transition to 5G has been happening simultaneously with continued advances in 4G LTE,” stated Peter Rysavy, President…
It’s Not Healthy to Confuse Compliance with Security
Cyberattackers’ interest in healthcare organizations continues to increase. In 2018, there were 284 breaches reported on the US Department of Health and Human Services (HHS) breach portal and 27 so far in 2019. According to InfoSec Institute, “nearly 95 percent of all medical and health care institutions have been victims of some form of cyberattack.”…
Attackers Hit Ceiling in Ransomware Demands
Cyber extortionists’ ransom demands have surged in recent years, as ransomware cotinues to cripple the operations of manufacturers, hospitals, and — most recently — local governments. Yet those demands may have hit an upper limit. On September 4, Mayor Jon Mitchell of New Bedford, Mass., announced that the town refused to pay a $5.3 million…
Twitter Temporarily Disables Tweeting via SMS After CEO Hack
“We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this),” Twitter said. It added, “We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term…
Critical vulnerabilities uncovered in Danfoss SCADA product, patch now!
Risk Based Security uncovered multiple vulnerabilities in the AK-EM 800 product from SCADA vendor Danfoss. The discovered vulnerabilities Researchers found two critical vulnerabilities. One is effectively a backdoor into highly privileged functionality to manage the software. Although this backdoor was likely created to help the vendor’s support team log into systems to assist their clients,…
Supply chain security: Five IT strategies for choosing vendors wisely
With the proliferation of SaaS solutions, API integrations and cloud computing, virtually everything in the modern enterprise is connected to untold number of outside entities. In fact, many business processes depend on this connectivity, even when doing so broadens the threat landscape and puts the organization at greater risk. This interconnectedness means that vendor vulnerabilities…
What prevents companies from achieving effective security performance management?
Cybersecurity performance is critical to achieving commercial success, according to a BitSight study. Among the study’s most interesting findings is that nearly two in five (38 percent) of enterprises admit that they have lost business due to either a real or perceived lack of security performance within their organization. Based on a survey of 207…
Security pros need more and better visibility into their cloud networks
In this Help Net Security podcast, Kevin Sheu, VP Product Marketing and Marcus Hartwig, Senior Product Marketing Manager at Vectra AI, discuss the Vectra superhero survey from Black Hat USA 2019, which provides insight into the current cloud adoption and top-of-mind concerns of attendees. The people surveyed were a mix of CISOs, security researchers, security…