All the latest blog posts from the most relevant cyber security companies in the business.

Today is the second Tuesday of the month, and Microsoft is right on schedule with 59 security fixes, nine of which are considered Critical in severity. None of the vulnerablities were previously known or exploited, and 49 are ranked Important and one as Moderate. The latest release affects Windows, Internet Explorer, Edge, ChakraCore, Microsoft Office…

“People make mistakes” is a common and relatable phrase, but it’s also a malicious one in the hands of cybercriminals, more of whom are exploiting simple human errors to launch successful attacks. The Information Security Forum (ISF) explored the topic in “Human-Centered Security: Addressing Psychological Vulnerabilities,” a new report published today. Human vulnerabilities, whether triggered…

The North American Electric Reliability Corporation (NERC) reports that a cyberattack on the US power grid earlier this year was caused by a target entity’s network perimeter firewall flaw. On March 5, 2019, an incident targeted a “low-impact” grid control center and small power generation sites in the western US, according to an E&E News…

The state of Texas is so far refusing to comply with the demands of a ransomware attack that affected 22 local governments, the Texas Department of Information Resources (DIR) reports. None of the affected municipalities have paid the $2.5 million ransom demanded. On August 16, a coordinated ransomware campaign hit systems of cities and towns…

Cyberattackers’ interest in healthcare organizations continues to increase. In 2018, there were 284 breaches reported on the US Department of Health and Human Services (HHS) breach portal and 27 so far in 2019. According to InfoSec Institute, “nearly 95 percent of all medical and health care institutions have been victims of some form of cyberattack.”…

Cyber extortionists’ ransom demands have surged in recent years, as ransomware cotinues to cripple the operations of manufacturers, hospitals, and — most recently — local governments. Yet those demands may have hit an upper limit. On September 4, Mayor Jon Mitchell of New Bedford, Mass., announced that the town refused to pay a $5.3 million…

In 2018, when businesses were preparing for the European Union’s General Data Privacy Regulation (GDPR), California quietly and quickly passed its own legislation: the California Consumer Privacy Act (CCPA). This regulation, with its emphasis on consumer privacy rights, has an interesting history of grassroots consumer advocacy coupled with swift legislative action provoked by the fear…

Enterprise organizations are scanning more applications for security vulnerabilities than ever before, but, troublingly, they are remediating fewer of their discoveries because of the sheer volume. As it has for the past 13 years, WhiteHat Security recently analyzed data from the results of application security tests the company performed at customer locations last year. The…

Cybersecurity incidents cost an estimated $45 billion in 2018, according to a new report that aggregates data from different types of reported security incidents from around the world. It’s difficult to get a complete picture of the cyber incident landscape, says Jeff Wilbur, technical director of the Internet Society’s Online Trust Alliance (OTA), which today…

Information from satellites fuel a great deal of today’s technology, from the intelligence gathering conducted by nation-states, to the global positioning system used for vehicle navigation, to the targeting used by “smart” weapons. Little surprise, then, that cybersecurity and policy experts worry that the relative insecurity of satellite systems open them to attack. In a…