Day: October 1, 2021

President Biden Touts Cybersecurity Efforts

Cites Need to Secure Privately Owned Critical Infrastructure, Signs Proclamation

As Cybersecurity Awareness Month kicks off this week, U.S. President Joe Biden has weighed in on his administration’s efforts to curb cyberattacks and bolster the federal government’s security posture.

EPIC Urges National AI Research Resource to Empower Developers to Design Fair and Accountable AI

In comments to the newly established National Artificial Intelligence Research Resource Task Force, EPIC called on the Task Force to prioritize privacy, civil rights, and civil liberties by creating resources for companies to develop purposeful, accountable, transparent, and fair AI. EPIC also urged the Task Force to provide regulators with the resources required to enforce …

Chinese Attackers Use New Rootkit in Long-Running Campaign Against Windows 10 Systems

A previously unknown but highly skilled Chinese-speaking cyberespionage group is using sophisticated malware to attack government and private entities in Southeast Asia through a long-running campaign that targets systems running the latest versions of Microsoft’s Windows 10. The group – which researchers with Kaspersky Lab are calling GhostEmperor – uses a multi-stage malware framework designed …

The Premier Technical Partner to Help Navigate CFIUS Requirements

The U.S. Government’s interest in the national security implications of certain foreign investments and transactions in the United States, as evidenced by the work of the Committee of Foreign Investment in the United States (CFIUS), has continued to accelerate. The 2018 Foreign Investment Risk Review Modernization Act (FIRRMA) and 2020 final regulations implementing FIRRMA increased …

Baby died at Alabama Springhill Medical Center due to cyber attack

A baby allegedly received inadequate childbirth health care, and later died, at an Alabama Springhill Medical Center due to a ransomware attack. An Alabama woman named Teiranni Kidd has filed suit after the death of her baby; she claims that the Springhill Medical Center was not able to respond to a cyberattack that crippled its …

Lawsuit: Hospital's Ransomware Attack Led to Baby's Death

Suit Alleges Inability to Access Critical Fetal Monitoring Data Was Malpractice

The death of a baby born with complications during a 2019 ransomware attack on an Alabama hospital – one that left clinicians unable to access electronic health records and patient monitoring systems – is intensifying the spotlight on the potentially fatal consequences of such cyber …

US Agencies Awarded $311 Million in Cybersecurity, IT Funds

‘Technology Modernization Fund’ Announces 7 Projects at 4 US Agencies

Four federal agencies have been awarded $311 million to bolster the U.S. government’s cyber defenses and address IT modernization challenges, according to the interagency board of the Technology Modernization Fund, a federal funding source, which made the announcement Thursday.

Coinbase sends out breach notification letters after 6,000 accounts had cryptocurrency stolen

Coinbase is sending out breach notification letters to thousands of users after they discovered a “third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform.” First reported by The Record, the letters say at least 6,000 Coinbase customers had funds removed from their accounts. “In …

BrandPost: Cybersecurity Compliance: Start With Proven Best Practices

As a security professional, you may be tasked with achieving SOC2 compliance for your organization, adopting a NIST framework, or complying with new security laws. These are just a few examples; you likely face many requirements! Compliance with multiple policy, regulatory, and legal security frameworks and standards is challenging and time consuming. Most regulatory bodies …

Friday Squid Blogging: Squid Game

Netflix has a new series called Squid Game, about people competing in a deadly game for money. It has nothing to do with actual squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Don’t Assume Your IT Staff Will “Handle” ISO 27001 Certification

Last Updated on October 1, 2021

ISO 27001 certification is a significant undertaking that impacts many areas of your business. You want to be aligned with best practices from the outset. In our ISO 27001-as-a-Service business, we find that many clients start out with misconceptions or misinformation about ISO 27001 that require “course corrections” to …

Threat Roundup for September 24 to October 1

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Sept. 24 and Oct. 1. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics,…

Who Will Patch Your VPN First? You, or Your Adversaries?

What makes these types of Internet-facing VPN device vulnerabilities so insidious is that once an attacker has compromised a VPN device, there is hardly anything they can’t then do to the enterprise… The post Who Will Patch Your VPN First? You, or Your Adversaries? appeared first on Security Boulevard.

Hall of Fame Awardee Success Story : Dr Erdal Ozkaya (2021)

Hall of Fame Awardee Success Story. Here is my story of being one of the Hall of Fame Awardees: You can visit my award page at the EC-Council website via the link below: https://www.eccouncil.org/ceh-hall-of-fame-winner-erdal-ozkaya/ Every year, EC-Council honors a select group of our CEH certified members by inducting a group into …

The Week in Ransomware – October 1st 2021 – “This was preventable”

This week comes with reports on a hospital ransomware attack that led to the death of a baby and new efforts by governments worldwide to combat ransomware. This week, the biggest news is President Biden announcing a partnership between the USA and thirty other countries to disrupt global ransomware attacks. A heartbreaking report by the Wall Street …

Azure IoT Plug and Play, Microsoft Rocket, and open-source database improvements

What’s going on with Azure this week? In this post, we’ll talk about Azure IoT Plug and Play, open-source video stream-building platform Microsoft Rocket, and some important open-source database improvements. Honestly, Azure news is kind of slow this week. That’s right, I said it. (Come on, Azure — put some effort into keeping the sparks …

NSA, CISA Release Guidance for Choosing and Hardening VPNs

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. VPNs, an important security tool in an era of widespread remote work, are entry points into secured networks that attackers frequently try to use in malicious assaults. Because …

Internet Archive’s 2046 Wayforward Machine says Google will cease to exist

The Internet Archive has launched a campaign against tech regulation by setting up a Wayforward Machine, semi-parodying its famous Wayback Machine archiving site. The Wayforward Machine paints a picture of the internet in 2046 – smeared with censorship, regulation, governmental interference, and more. On typing in any well-known web address to the Wayforward Machine, the …

US unites 30 countries to disrupt global ransomware attacks

Today, U.S. President Joe Biden said that the U.S. will bring together 30 countries to jointly crack down on ransomware gangs behind a barrage of attacks impacting organizations worldwide. “This month, the United States will bring together 30 countries to accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of …
