FireSale HackBoy

Monday, January 31, 2022

Verimatrix Key Shield Wins Cybersecurity Excellence Award

AIX-EN-PROVENCE, France & SAN DIEGO–(BUSINESS WIRE)–Regulatory News:

Verimatrix, (Euronext Paris: VMX), the leader in powering the modern connected world with people-centered security, today announced that Verimatrix Key Shield was recognized as a gold winner in the 2022 Cybersecurity Excellence Awards.

Key Shield deters cyberattacks by making it nearly impossible to anticipate how to analyze and hack in the first place – building secure architectures, protecting valuable data and ensuring constant control of cryptographic keys. Protecting something as critical as vehicles that are relied upon by people, businesses and governments around the world, Verimatrix Key Shield makes hacking unappealing to begin with by making it no longer worth a hacker’s time and eliminating any chance of financial reward for their nefarious efforts.

“There’s an ever-increasing awareness surrounding the need to powerfully protect all of the integral third-party solutions that make today’s connected cars possible – and we’re pleased to once again be recognized as a top innovator in this important cybersecurity sector,” said Asaf Ashkenazi, Chief Operating Officer and President at Verimatrix. “We’re pleased to work closely worldwide with some of the leading organizations dedicated to providing automotive manufacturers with trusted technologies that allow access, control and analysis of vehicles.”

Cybersecurity Excellence Award winners are selected based on the strength of the nomination, including demonstrated leadership, excellence and results in cybersecurity, depending on the specific category and the supporting information provided.

About Verimatrix

Verimatrix (Euronext Paris: VMX) helps power the modern connected world with security made for people. We protect digital content, applications, and devices with intuitive, people-centered and frictionless security. Leading brands turn to Verimatrix to secure everything from premium movies and live streaming sports, to sensitive financial and healthcare data, to mission-critical mobile applications. We enable the trusted connections our customers depend on to deliver compelling content and experiences to millions of consumers around the world. Verimatrix helps partners get to market faster, scale easily, protect valuable revenue streams, and win new business. Visit www.verimatrix.com.

The post Verimatrix Key Shield Wins Cybersecurity Excellence Award appeared first on Cybersecurity Insiders.


February 01, 2022 at 09:10AM

Armor Unlocks the Constraints Companies Face with Traditional Cybersecurity Providers

DALLAS–(BUSINESS WIRE)–Armor, the global cloud-native managed detection and response (MDR) leader, announces a bold and revolutionary model for securing customer environments that eliminates the challenges inherent in traditional approaches. Armor’s new offerings leverage cloud-native cybersecurity platforms and IP sharing to unlock companies from traditional solutions while aligning to their digital transformation journey.

“Managed security service providers (MSSPs) lock companies into a proprietary model; if the business decides to change providers, they lose their data and tuning,” said Armor founder Chris Drake. “Armor is here to challenge the traditional MSSP model and the DIY approach to cybersecurity which requires hard-to-find, expensive in-house talent.”

Armor experts guide customers through the implementation and management of security and compliance with services to include:

XDR & SOC

IaaS, PaaS, SaaS, IoT/OT, workplace, and end-user MDR with AI/ML alerts and a 24/7 threat response team. Customers remain in control of their valuable logging data, tuning, playbooks, and automation – forever.

VAPT

Secures data through continuous vulnerability assessments/penetration testing based on the entire MITRE ATT&CK® framework.

Data Protection

Delivers sensitive data protection through visibility, continuous discovery, and with intelligent classification methods to address policy violations.

Risk Management

Supports a variety of compliance standards within the HITRUST framework to manage third-party risks, measure security effectiveness, share control responsibilities with cloud providers, and third parties.

Armor Cloud Protection and Compliance

Outcome-based hybrid cloud solutions ensure the cloud is secured correctly, compliant, and remediates incidents to resolution.

“Security and compliance have grown more complex amidst cloud transition and digital transformation,” said Drake. “Our cloud-native MDR approach is ideally suited to liberate customers to focus on growth and profits rather than the rigors of security and compliance—while maintaining their data, valuable cybersecurity intelligence, and tuning.”

About Armor

Armor is a global leader in cloud-native managed detection and response. As a trusted partner to more than 1,500 firms in over 40 countries, Armor offers cybersecurity and compliance consulting, professional services, and managed services. Armor’s industry-leading experts leverage non-proprietary frameworks and a 24/7/365 SOC to help organizations tackle the complexities of cybersecurity and compliance at a cloud-scale. Gartner has recognized Armor in two “Emerging Technologies” reports for MDR. A study commissioned by Forrester found that Armor delivers a 774% ROI. To learn more, visit www.armor.com or follow @armor on Twitter.

The post Armor Unlocks the Constraints Companies Face with Traditional Cybersecurity Providers appeared first on Cybersecurity Insiders.


February 01, 2022 at 09:10AM

Harris Williams Advises Ntiva on its Sale to PSP Partners

RICHMOND, Va.–(BUSINESS WIRE)–Harris Williams, a global investment bank specializing in M&A advisory services, announces it advised Ntiva, a portfolio company of Southfield Capital, on its sale to PSP Partners (PSP). Ntiva is a leading provider of managed IT services, strategic consulting, cybersecurity services, cloud services and telecom solutions. The transaction was led by the Harris Williams Business Services Group and Technology Group, including Derek Lewis, Anthony Basmajian, Priyanka Naithani, Jenson Dunn and Phil Ashkenaz.

“Ntiva has established itself as an industry leading provider of managed IT services offering a broad range of critical cyber, cloud and IT consulting solutions,” said Anthony Basmajian, a managing director at Harris Williams. “As the industry continues to evolve, small- and medium-sized businesses lacking the required internal resources and expertise are turning to professional outsourced managed IT providers to help navigate today’s technology complexities and increased cybersecurity threats. Ntiva, with its broad suite of IT services, is well positioned to help customers address those challenges.”

“The company thrived in partnership with Southfield Capital, and we are excited to watch Ntiva’s next chapter unfold with PSP,” said Derek Lewis, a managing director at Harris Williams. “PSP’s strategic investment will enable Ntiva to further accelerate its technology investments, expand into new verticals and further execute its robust M&A strategy.”

Ntiva is a leading IT services company that provides businesses across the U.S. with advanced technology expertise and support, including managed IT services, strategic consulting, cybersecurity services, cloud services, and telecom solutions. Ntiva’s ultimate objective is to help clients leverage their technology investments to improve business performance.

Southfield Capital is a private equity firm that invests in high-growth, lower-middle market companies in the outsourced business services sector. The firm targets companies with $4 million to $12 million in EBITDA and partners with management to scale the business through a combination of organic and acquisition growth strategies.

PSP Partners is a Chicago-based private investment firm founded by its Chairman Penny Pritzker, an entrepreneur, civic leader, philanthropist, and former U.S. Secretary of Commerce. The firm is comprised of a highly experienced team of investment professionals and business builders focused on partnering with entrepreneurs, business owners, and management teams to build market-leading businesses and develop valuable assets.

Harris Williams, an investment bank specializing in M&A advisory services, advocates for sellers and buyers of companies worldwide through critical milestones and provides thoughtful advice during the lives of their businesses. By collaborating as one firm across Industry Groups and geographies, the firm helps its clients achieve outcomes that support their objectives and strategically create value. Harris Williams is committed to execution excellence and to building enduring, valued relationships that are based on mutual trust. Harris Williams is a subsidiary of the PNC Financial Services Group, Inc. (NYSE: PNC).

The Harris Williams Business Services Group has experience advising companies that provide a range of commercial, industrial and professional services. For more information on the firm’s Business Services Group and other recent transactions, visit the Business Services Group’s section of the Harris Williams website.

The Harris Williams Technology Group advises leading private and public companies, founders, and private equity, growth equity, and venture capital firms on mergers and acquisitions and capital-raising transactions worldwide. The Technology Group has deep domain expertise in software and technology-enabled services and dedicated focus areas across a variety of vertical software applications and end markets. For more information on the Technology Group and its recent transactions, visit the Technology Group’s section of the Harris Williams website.

Harris Williams LLC is a registered broker-dealer and member of FINRA and SIPC. Harris Williams & Co. Ltd is a private limited company incorporated under English law with its registered office at 8th Floor, 20 Farringdon Street, London EC4A 4AB, UK, registered with the Registrar of Companies for England and Wales (registration number 07078852). Harris Williams & Co. Ltd is authorized and regulated by the Financial Conduct Authority. Harris Williams & Co. Corporate Finance Advisors GmbH is registered in the commercial register of the local court of Frankfurt am Main, Germany, under HRB 107540. The registered address is Bockenheimer Landstrasse 33-35, 60325 Frankfurt am Main, Germany (email address: hwgermany@harriswilliams.com). Geschäftsführer/Directors: Jeffery H. Perkins, Paul Poggi. (VAT No. DE321666994). Harris Williams is a trade name under which Harris Williams LLC, Harris Williams & Co. Ltd and Harris Williams & Co. Corporate Finance Advisors GmbH conduct business.

The post Harris Williams Advises Ntiva on its Sale to PSP Partners appeared first on Cybersecurity Insiders.


February 01, 2022 at 09:09AM

Stories from the SOC – WannaCry malware

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.

Executive summary

WannaCry malware was first discovered in May 2017 and a patch was released roughly two months prior to its public release. However, 230,000 computers were globally affected by WannaCry as of 3/31/2021. It is unfortunate to hear, but many companies remain vulnerable to this attack due to unpatched systems. We often see that by the time some companies update their systems, they have already experienced a breach.

The Managed Threat Detection and Response (MTDR) SOC analyst team received 56 alarms related to the suspicious use of port 445 within a 24-hour timeframe. Given the high influx of alarms, our team created an Investigation to reveal which assets were using port 445, the destinations that were being communicated with, and the frequency of the connections. The customer quickly identified that the source assets were unpatched Windows 7 production servers affected by WannaCry. They were able to segment the infected computers, block SMB port 445, use Trend Micro’s Anti-Threat Toolkit to clean the machines, and then return the assets to the network.

Investigation

Initial alarm review

Indicators of compromise (IOC)

The initial alarms that triggered this investigation were created from a custom alarm. The MTDR team can create custom alarms specific to the customer’s environment to help improve time to response. The alarms were triggered when events from Trend Micro showed assets using Server Message Block (SMB) port 445 in which a single source was communicating with multiple destinations.

Wannacry suspicious behavior

This initial alarm was one of many that were generated. The alarms came in with a priority of “Low” because use of SMB port 445 is common within the customer’s organization. Our team and the customer began to suspect that a breach had occurred due to the high volume of internal connections as well as those connections attempting to reach external IPs.

Expanded investigation

Events search

Wanna cry events

Upon further investigation, we searched for the events “CnC Callback” and “Suspicious Connection”. The team then analyzed these events over a 24-hour period. This analysis revealed all of the internal assets and their events’ sources and destinations. These assets were communicating over port 445 and were likely compromised systems.

Event deep dive

Continuing with the investigation, we learned that the affected assets were communicating with unknown external IPs. Many of these outbound connections were blocked at the firewall; however, at this point, we were able to pivot from the external IPs to look for more affected assets.

Reviewing for additional indicators

Wannacry ransom

We then made a complete list of all potentially affected internal assets. After individually inspecting the assets, we discovered the following event: “Ransom_WCRY.SM2” on a few of the assets. This particular event confirmed our suspicion that this was, indeed, the WannaCry malware.
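The triage steps described above (one source reaching many destinations on port 445 within 24 hours, pivoting from the external IPs, then confirming on the “Ransom_WCRY.SM2” event), as an added example that is not the SOC team's alarm logic. The log format, addresses, internal range and threshold are assumptions, and the sample events are constructed.

```python
"""SMB fan-out triage over constructed events (illustrative only)."""
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

SMB_PORT = 445
WINDOW = timedelta(hours=24)   # review period used in the write-up
MIN_DESTS = 3                  # assumed threshold; tune to the site's SMB baseline
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal range

# Constructed sample. Assumed format: time src dst dport action event-name
SAMPLE_EVENTS = """\
2022-01-10T08:00:05 10.20.5.11 10.20.5.12 445 allowed Suspicious Connection
2022-01-10T08:00:09 10.20.5.11 10.20.5.13 445 allowed Suspicious Connection
2022-01-10T08:01:40 10.20.5.11 10.20.5.14 445 allowed Suspicious Connection
2022-01-10T08:02:10 10.20.5.11 198.51.100.7 445 blocked CnC Callback
2022-01-10T09:15:00 10.20.5.12 10.20.5.15 445 allowed Suspicious Connection
2022-01-10T09:15:30 10.20.5.12 198.51.100.7 445 blocked CnC Callback
2022-01-10T10:00:00 10.20.9.30 10.20.9.2 445 allowed File Share Access
2022-01-10T11:30:00 10.20.5.11 - 0 n/a Ransom_WCRY.SM2
2022-01-11T12:00:00 10.20.9.30 10.20.9.3 445 allowed File Share Access
2022-01-12T13:00:00 10.20.9.30 10.20.9.4 445 allowed File Share Access
"""


def parse_events(text):
    """Parse the assumed six-field line format into dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, action, name = line.split(maxsplit=5)
        events.append({"time": datetime.fromisoformat(ts), "src": src, "dst": dst,
                       "dport": int(dport), "action": action, "name": name})
    return events


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def smb_fanout(events, window=WINDOW, min_dests=MIN_DESTS):
    """Flag sources that reached >= min_dests distinct port-445 destinations
    inside any single window. Returns {src: {"internal": set, "external": set}}."""
    by_src = defaultdict(list)
    for e in events:
        if e["dport"] == SMB_PORT:
            by_src[e["src"]].append(e)

    flagged = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["time"])
        best, start = set(), 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end]["time"] - evs[start]["time"] > window:
                start += 1
            dests = {e["dst"] for e in evs[start:end + 1]}
            if len(dests) > len(best):
                best = dests
        if len(best) >= min_dests:
            flagged[src] = {
                "internal": {d for d in best if is_internal(d)},
                "external": {d for d in best if not is_internal(d)},
            }
    return flagged


def pivot_on_external(events, flagged):
    """Sources below the fan-out threshold that contacted the same external
    IPs as a flagged source: candidates for the 'more affected assets' list."""
    external = set().union(*(f["external"] for f in flagged.values()))
    return {e["src"] for e in events
            if e["dst"] in external and e["src"] not in flagged}


def confirmed_hosts(events, signature="Ransom_WCRY.SM2"):
    """Hosts on which the endpoint product raised the confirming event."""
    return {e["src"] for e in events if e["name"] == signature}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    hits = smb_fanout(evs)
    for src, d in sorted(hits.items()):
        print(f"fan-out  {src}: {len(d['internal'])} internal, "
              f"{len(d['external'])} external destinations")
    print("pivot   ", sorted(pivot_on_external(evs, hits)))
    print("confirm ", sorted(confirmed_hosts(evs)))
```

The host 10.20.9.30 in the sample touches three shares over three days and stays unflagged, which is why the count is taken per window rather than over the whole data set.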

Response

Building the investigation

Within minutes of the team creating the investigation, the customer escalated the case. The customer noticed that all of the associated assets were part of a single subnet isolated to one sector of their business. The customer then isolated the subnet of potentially affected assets from the rest of the network in order to begin reviewing the machines.

While the assets were being scanned for further indicators of compromise, we involved the customer’s Threat Hunter (TH). The TH helped generate additional reports of all internal assets that were associated with the malicious events.

At this point, the customer blocked port 445 on the assets, used Trend Micro’s Anti-Threat Toolkit to clean the machines, and then returned the assets to the network.

We continued to closely monitor the customer’s network for further signs of compromise from the WannaCry malware. We maintained this vigilance until the team ensured the situation had been fully resolved.

Customer interaction

Our team worked closely with the customer to ensure we were up to date with any changes being made to their systems. Because of the close communication between our team and the customer, we were able to quickly assess the situation, investigate appropriate assets, and resolve the issue before any systems could be encrypted by the ransomware.

The post Stories from the SOC – WannaCry malware appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:09PM

Why smart meters will be essential to our sustainable future

As it stands today, the world needs to change its attitude to sustainability. As highlighted in the recent COP26 conference, human activity is causing unprecedented and potentially irreversible change to our environment, which is being driven by our production of harmful emissions and excessive energy consumption.

However, as stated by David Attenborough, the famed environmentalist and broadcaster, “We are, after all, the greatest problem solvers to have ever existed on Earth… Surely working together, we are powerful enough to save it.” And, the technologies we use to help monitor and control our energy consumption are set to play a critical role in our efforts against climate change.

Within this armoury of technology at our disposal, smart meters will stand as an indispensable tool in the development of a more sustainable future. According to Mordor Intelligence, the global total shipment of smart meters is estimated to reach 198.53 million units by 2026. What’s more, smart meter providers, such as Smart Metering Systems, have reported a 20% increase in smart meter installation since the beginning of the COVID-19 pandemic.

But smart meters aren’t just saving energy in the homes of consumers. In fact, the installation of these devices across the wider electrical grid could be crucial in the development of a smarter future.

How can smart meters make us more sustainable?

The value of smart meters lies in their ability to provide the user with real-time data on their energy consumption. With this data being wirelessly transmitted to an in-house display or even a user’s smartphone, smart meters allow users to understand what energy they use, how they use it, and, most importantly, how they could consume their energy more efficiently.

Thankfully, the uptake in smart meters is steadily increasing. In the UK alone, there were 23.6 million smart and advanced meters in homes and small businesses by the end of 2020, representing a 12% increase from the previous year.

The development of ‘smart grids’

Aside from helping businesses and civilians consume their energy more efficiently, the widespread installation of smart meters has the potential to unlock a level of untouched energy efficiency in the form of a smart energy grid.

Unlike traditional energy grids, smart grids use different technologies, such as smart meters, sensors and networks, to increase the level of intelligence and efficiency at which the grid operates.

But why will smart grids help us be more sustainable? By 2050, 68% of the world’s population will be living in urban areas. As such, it’s necessary that these urban environments have a reliable and sustainable source of power.

With a smart grid, operators will be able to balance the flow of energy more efficiently throughout the grid. This is because, with the help of the grid’s sensors and smart meters, operators will be able to detect power demand surges and outages in real-time, adapting accordingly to ensure efficiency.

What’s more, smart grids can enable the smooth integration of renewable energy sources, such as solar panels. With improved energy infrastructure, operators will be able to effectively manage different renewable energy sources that are geographically scattered across the grid. What’s more, smart grids will enable providers to allow energy consumers to play a central role in the grid through selling extra energy storage they might have at home.

What is needed to ensure that smart meters help us build a sustainable future?

However, for this idea of the smart grid to become a reality, it’s crucial that smart meters across the grid are upheld by two essential principles – reliable connectivity and robust cybersecurity:

Reliable connectivity – particularly when operating within a system where components constantly communicate with each other, it’s essential that smart meters are always connected. Any drop in connection could see a delay in the transmission of data to the utility provider, preventing it from running an energy grid at peak efficiency. But, through the use of technology such as IoT eSIMs, providers can ensure that their smart meters remain connected 24/7 over a typical 10 to 15 year lifespan.

Robust cybersecurity – the connected nature of smart meters can be viewed as a double-edged sword. While this connectivity enables the fast and accurate transfer of real-time data to utility providers, it also exposes smart meters to the risk of hacking. Such attacks present a very real threat to all parties, from the consumer to government agencies, as highlighted by the alleged power grid attacks waged between two large countries in 2019.

With this potential risk looming over energy providers, it’s critical that robust cybersecurity measures, such as giving smart meters their own digital identities, are in place to protect both providers and consumers alike.

While much more can be done to help bolster our efforts to protect and regenerate our planet, smart technologies such as smart meters represent the first step in our journey to a sustainable future.

The post Why smart meters will be essential to our sustainable future appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:09PM

HOW TO BECOME AN (ISC)² VOLUNTEER AND MAKE A DIFFERENCE IN THE CYBERSECURITY COMMUNITY

Ever wonder what more you can do to narrow the cybersecurity skills gap or how you can use your cybersecurity skills to make a difference in your local community? (ISC)² has the answer.

(ISC)² unveiled a formal Volunteer Program to connect members and non-members with opportunities to make meaningful contributions to the cybersecurity industry on a global and local scale. As a bonus, members and associates can earn continuing professional education (CPE) credits by contributing their time and participating in various professional volunteer activities.

Integral to the (ISC)² vision of Inspiring a Safe and Secure Cyber World, the Volunteer Program enables professionals to:

  • Share insights that help influence smarter policy and standards around the world
  • Make meaningful contributions that address industry challenges, such as the Cybersecurity Workforce Gap
  • Educate communities on privacy and security threats
  • Evolve industry qualification standards and certifications
  • Lend expertise to the professional development of others, and more

Becoming an (ISC)² volunteer is a rewarding experience that offers opportunities to broaden perspectives and share responsibilities, in addition to giving back to the profession and local communities. Volunteers also have the opportunity to develop new skills—such as strategic thinking, change management and conflict resolution—gain a sense of self-accomplishment and self-confidence, and expand their network of cybersecurity professionals.

The opportunities available through the (ISC)² Volunteer Program are flexible and offer various degrees of commitment, from micro-volunteering to short- and long-term volunteering.

There are numerous types of opportunities available through the (ISC)² Volunteer Program including, but not limited to:

  • Assisting with exam development
  • Serving on the (ISC)² Board of Directors or Global Achievement Awards Review Committee
  • Speaking at (ISC)² events, including Security Congress and Security Summits
  • Becoming a Chapter leader
  • Supporting the Center for Cyber Safety & Education

Members and non-members interested in becoming an (ISC)² volunteer can opt-in to the volunteer pool by filling out the online form available here: www.isc2.org/volunteer/volunteer-interest.

More information on the (ISC)² Volunteer Program is available at https://www.isc2.org/Volunteer

The post HOW TO BECOME AN (ISC)² VOLUNTEER AND MAKE A DIFFERENCE IN THE CYBERSECURITY COMMUNITY appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:09PM

Trellix Sees Advanced Persistent Threat Actors and Ransomware Groups Focus on Financial Services in Third Quarter of 2021

SAN JOSE, Calif.–(BUSINESS WIRE)–Today, Trellix released its Advanced Threat Research Report: January 2022, examining cybercriminal behavior and activity related to cyber threats in the third quarter of 2021. Among its findings, the research reports that despite a community reckoning to ban ransomware activity from online forums, hacker groups used alternate personas to continue to proliferate the use of ransomware against an increasing spectrum of sectors – hitting the financial, utilities and retail sectors most often, accounting for nearly 60% of ransomware detections.

“While we ended 2021 focused on a resurgent pandemic and the revelations around the Log4j vulnerability, our third-quarter deep dive into cyber threat activity found notable new tools and tactics among ransomware groups and advanced global threat actors,” said Raj Samani, Chief Scientist and Fellow at Trellix. “This report provides greater visibility into the use and abuse of ransomware group personas, how nation state APT actors seek to burrow deeper into finance and other critical industries, and new Living off the Land attacks exploiting native Microsoft system tools in new ways.”

Reappearance of Ransomware Groups

In Q3 2021, Trellix observed the resurgence of the DarkSide ransomware group as BlackMatter, despite that group’s claim to have stopped operating. In using many of the same modus operandi that DarkSide used in the Colonial Pipeline attack, BlackMatter continued to leverage the double extortion approach, threatening to reveal data of victims unless a ransom is paid.

While claiming responsibility for the ransomware attack on Kaseya VSA that closed hundreds of supermarket stores for several days, the quarter saw the REvil/Sodinokibi family of ransomware continue to lead in its pervasiveness as it had in Q2, accounting for nearly half of Trellix’s ransomware detections. As the impact of ransomware to systems essential to our daily lives – fuel, grain, food supply and beyond – escalates, the U.S. government has made strides in advancing its cyber agenda and reducing the impact through the launch of StopRansomware.gov which aims to identify and locate actors involved in cyber activities against critical U.S. infrastructure.

Maturing Advanced Pattern Techniques

Through the identification of indicators of compromise to reveal the tools used to execute attacks, Trellix observed the maturation of the techniques deeply skilled APT adversary groups use to bypass security controls and perform their operations. Q3 2021 saw security operations tools like Cobalt Strike being abused by nation-state actors to gain access to their victim’s network. Cobalt Strike is an adversary simulation tool that is commonly used by ethical hackers to study attack methods and improve incident response, and was detected in over one-third of the APT campaigns tracked. Mimikatz, a post exploitation tool to gain more access into a victim’s network or elevate user-rights to execute tasks once an actor has access on a victim’s device, was also detected in over a quarter of campaigns.

Trellix also saw the following APT activity in Q3 2021:

  • In Q3 2021, threat activity believed to be from Russian and Chinese nation-state backed groups was responsible for nearly half (46% combined) of all observed APT threat activity. This assessment is based on analysis of available technical indicators.
  • The financial sector was targeted in nearly 40% of observed APT activity tracked by Trellix, followed by utilities, retail and government.

Living off the Land Spreads

Q3 2021 saw a swell of bad actors using software already on a target system to carry out attacks. This use of software and functions native to the target’s system – Living off the Land (LotL) – is often used by nation-state actors and large criminal organizations to get around developing advanced tools internally.

Trellix observed PowerShell used in 42% and Windows Command Shell (CMD) in 40% of LotL detections to execute commands and gain access. Other native operating tools commonly used include Rundll32, WMIC and Excel, along with administrative remote services tools like AnyDesk, ConnectWise Control, RDP and WinSCP.

Q3 2021 Threat Activity

Ransomware Pays. REvil/Sodinokibi claimed responsibility for successfully infecting more than 1 million and then demanding $70 million, making it the largest publicly known ransom amount to date.

APT MITRE ATT&CK Techniques. Spear phishing attachment, obfuscated files or information, and PowerShell were the most prevalent APT MITRE ATT&CK Techniques, accounting for nearly half of those detected in Q3 of 2021.

Sector Activity. Financial Services led all sectors in publicly reported cyber incidents with a 21% increase in the third quarter. The critical economic sector also led all industries in terms of detected ransomware samples and APT group activity.

Malware Families. Formbook, Remcos RAT and LokiBot amounted to almost 80% of malware detections in Q3 2021, with Formbook found in over one-third. While malware was the technique used most often in reported incidents in Q3 2021, reported malware incidents decreased 24% compared to Q2 2021.

Regions. The quarter saw swings in areas of focus with Russia experiencing a 79% decrease in detected incidents while France saw an increase of 400%. The U.S. experienced the most reported incidents in Q3 2021, but incidents decreased 9% from Q2 2021.

About Trellix

Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.

The post Trellix Sees Advanced Persistent Threat Actors and Ransomware Groups Focus on Financial Services in Third Quarter of 2021 appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:09PM

Springboard and UMass Global Launch a Four-Program Technical Skills Online Learning Partnership

SAN FRANCISCO–(BUSINESS WIRE)–Springboard, an online learning platform preparing students for in-demand careers through comprehensive, mentor-led programs, and the University of Massachusetts Global (UMass Global) today announced a four-program partnership with tracks in Cybersecurity, Data Analytics, Data Science, and Software Engineering. The partnership is Springboard’s largest to date. With a direct focus on working adults and non-traditional students, the partnership aims to prepare individuals for high-demand technical careers by providing mentor-led learning, project-based curricula, career support and job placement services.

“This partnership builds on our strength of providing deep and flexible learning opportunities to students at any stage in their career journey, and Springboard’s expertise in project-based online learning with a career-centric focus complements our own,” said Ricardo Lorenzana, Dean of the UMass Global School of Extended Education. “We’re thrilled to provide new pathways to a range of rapidly growing career opportunities.”

Through its partnership with Springboard, UMass Global will offer six-month programs with self-paced, asynchronous programs in cybersecurity, data analytics, data science, and software engineering that will continue to offer the flexibility for working students that UMass Global is known for.

Students in corresponding programs will receive hands-on experience and develop unique portfolios of work in the following areas:

  • Participate in a 360-hour cybersecurity bootcamp that covers industry fundamentals, systems and network security, vulnerability assessment, and security operations, followed by a capstone project intended to showcase specialized skills to potential employers.
  • Go beyond just the technical skills in the data analytics bootcamp to focus on areas where employers find the biggest gaps – strategic thinking, problem-solving, and communication.
  • The 500+ hour data science curriculum features coursework on the Python data science stack, data wrangling, storytelling with data, inferential statistics, machine learning, and more, along with two capstone projects focused on realistic data science scenarios.
  • Cover key aspects of front-end web development, back-end web development, databases, and data structures and algorithms throughout the software engineering curriculum, inclusive of two full-stack capstone projects.

“At Springboard, we’re working to create positive change in the lives of as many students as possible, and we found total alignment with our partners at UMass Global,” said Sanam Raza, General Manager of University Partnerships at Springboard. “This partnership puts us on an exciting trajectory to grow our impact and create strong pipelines to great careers for our students.”

According to Springboard, students who have completed similar programs from Springboard to date have received job offers from companies including Amazon, Facebook, Dell, IBM, Salesforce and over 50% of the Fortune 100. The programs will be open to the public. Prospective students do not need previous industry or academic experience to enroll. Upon completion of a program, students will receive a certificate of completion, which is a stand-alone award and does not confer credit toward a UMass Global degree. Students will also have continued access to Springboard’s career support, including 1-on-1 support from a career coach.

Enrollment for all programs is open as of today, January 31, 2022. Asynchronous instruction will begin for the programs in Cybersecurity and Software Engineering on March 14, 2022. Asynchronous instruction in Data Analytics and Data Science will begin later in 2022. Students can enroll or sign up to be notified about enrollment updates at careerbootcamps.umassglobal.edu.

About Springboard

Founded by Parul Gupta and Gautam Tambay in 2013, Springboard is on a mission to transform one million lives through education by 2030. Springboard believes that each student is unique and needs a learning experience designed to fit their life’s pace, supported by advisors and mentors. More than 20,000 students across 100+ countries have used Springboard to advance their careers through the platform’s comprehensive, mentor-led online learning programs. Graduates have landed jobs with employers like Microsoft, Google, Facebook, Reddit, Facebook, and Boeing. Springboard has also trained corporate teams at Visa, Gusto, and The North Face. Springboard was recently named one of the 2022 GSV EdTech 150 — a list of the world’s most transformative growth companies in digital learning. Springboard is a 2020 Inc. 5000 company based in San Francisco, recently named a Top Workplace for Women by Elpha, and is backed by leading venture capital firms including Telstra Ventures, Vulcan Capital, SJF Ventures, Reach Capital, Pearson Ventures, International Finance Corp., Costanoa Ventures, Learn Capital, and Blue Fog Capital.

About University of Massachusetts Global

University of Massachusetts Global, formerly Brandman University, is a private, nonprofit institution accredited by the WASC Senior College and University Commission. The university offers undergraduate, graduate, credential, and certificate programs designed to be relevant to more than 90 career paths. UMass Global serves nearly 23,000 students, about 16,000 of whom are enrolled in academic credit programs, at 25 physical campuses in California and Washington, as well as online. UMass Global offers fully online courses for students anywhere in the United States and for military personnel serving abroad. For more information, visit the university’s website.

The post Springboard and UMass Global Launch a Four-Program Technical Skills Online Learning Partnership appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:09PM

Baker McKenzie Adds Former Manhattan District Attorney Cyrus R. Vance Jr. as a Partner in New York

NEW YORK–(BUSINESS WIRE)–Global law firm Baker McKenzie has added former Manhattan District Attorney Cyrus R. Vance Jr. as a Partner in New York.

One of the most well-known law enforcement officials in the US, Cy led the Manhattan District Attorney’s office for 12 years, overseeing major criminal prosecutions and an office of more than 600 prosecutors. The office handled more than 100,000 cases per year, including high-profile investigations and prosecutions of complex, white collar and business crimes in the US and internationally, coordinating globally with the likes of the City of London Police, Paris Prosecutors’ Office, Singapore Attorney General, Europol, and Interpol.

“Cy is a respected, talented and collaborative white collar criminal defense attorney and Fellow of the American College of Trial Lawyers,” said Peter Tomczak, Chair of Baker McKenzie’s North America Litigation and Government Enforcement Practice. “We are thrilled that he will be joining our large and still growing North America team of trial and investigations lawyers focused on complex international legal issues. As multinational companies continue to face significant legal and compliance risks, Cy is the trusted adviser whom multinational clients turn to in crisis situations.”

As District Attorney in Manhattan, Cy was deeply involved in numerous international landmark investigations and prosecutions. His Cyber unit handled more than 2,000 forensic interrogations of devices annually, investigating and prosecuting significant cyber fraud, sex trafficking and related cases. Cy also co-founded New York City’s Cyber Critical Infrastructure Task Force, the only public–private partnership in the US to address risk and prevent cyberattacks on New York’s critical infrastructure. In addition, with the City of London Police, Cy founded the Global Cyber Alliance, a non-profit cross-border/cross-sector consortium to advise membership from every continent on cyber risks and cyberattack prevention.

Throughout his career, Cy has been a visible and vocal advocate on a range of justice issues. He is a sought-after speaker and author, and has testified multiple times before the US Congress and state agencies.

Cy will serve as Global Chair of Baker McKenzie’s Cybersecurity Practice. He will also be a member of the Firm’s North America Litigation & Government Enforcement Practice as well as the Firm’s Global Compliance & Investigations Practice.

“Cy is a proven leader working at the intersection of technology, cybersecurity and criminal investigations,” said Pamela Church, Chair of Baker McKenzie’s North America Intellectual Property & Technology Practice. “I look forward to connecting our clients with Cy as we help them navigate and succeed in this complex enforcement environment.”

Added Scott Brandman, Managing Partner of Baker McKenzie’s New York and Miami offices, “We are focused on continuing to grow our capabilities in New York, particularly in the transactional and cybersecurity space, and adding a prosecutor of Cy’s stature is a huge addition to our team. Cy is an institution in New York, known for his strong prosecutorial track record on high-profile criminal matters in Manhattan with major global significance. Clients looking for guidance on major investigations and sensitive matters will find Cy’s experience and knowledge indispensable.”

Cy joins Baker McKenzie’s growing bench of technology-focused practitioners in the US, including white collar investigations lawyer Jessica Nall and AI and trade secrets litigator Bradford Newman, both based in Silicon Valley. He also joins following the recent addition of former UK Information Commissioner Elizabeth Denham in London, who specializes in data protection and privacy.

“I am delighted to join Baker McKenzie and work with its outstanding team of former prosecutors and investigations lawyers around the world,” said Cy. “The Firm is unmatched in its global platform, and I’m excited about the opportunities to provide business-focused guidance and advice to clients navigating major compliance risks.”

About Cyrus R. Vance Jr.

Cy Vance earned his BA from Yale University and his JD from Georgetown University Law Center. He is the son of Cyrus Vance Sr., former US Secretary of State under President Jimmy Carter.

Following law school, Cy spent six years as an Assistant District Attorney for Manhattan. In 1988, he joined the law firm Culp Dwyer in Seattle. In 1992, he co-founded the Seattle law firm McNaul, Helgren, Ebel and Vance (now McNaul Ebel Nawrot & Helgren). During that time, he also taught trial advocacy as an adjunct professor at Seattle University School of Law. He returned to New York in 2004 and joined Morvillo Abramowitz as a Partner. Cy won the election for New York County District Attorney in 2009, taking office in January 2010. He won two subsequent elections to remain in office, but declined to run again in 2021.

About Baker McKenzie’s Global Compliance & Investigations Practice

With more than 500 highly skilled practitioners across 76 offices in 46 countries, the Firm’s Compliance & Investigations Practice understands the regulatory, business and cultural landscape, wherever its clients are. And by connecting investigations and rapid crisis response with effective risk management solutions, the group’s integrated approach helps clients calibrate risk globally and safeguard their business. The practice has earned more Chambers and Legal 500 rankings than any other firm in the investigations, enforcement and risk management space.

About Baker McKenzie

Baker McKenzie helps clients overcome the challenges of competing in the global economy. We solve complex legal problems across borders and practice areas. Our unique culture, developed over 70 years, enables our 13,000 people to understand local markets and navigate multiple jurisdictions, working together as trusted colleagues and friends to instil confidence in our clients. (www.bakermckenzie.com)


The post Baker McKenzie Adds Former Manhattan District Attorney Cyrus R. Vance Jr. as a Partner in New York appeared first on Cybersecurity Insiders.


January 31, 2022 at 09:08PM

Sunday, January 30, 2022

Work from Home leading to surge in Cyber Attacks in UK

The Work from Home (WfH) culture might suit employees well, but some companies are openly disclosing that they are witnessing a surge in cyber attacks (mainly data breaches) on their IT infrastructure because their employees are not following basic cyber hygiene, such as using strong passwords and authenticating their identity while accessing networks.

A survey conducted by the software firm Diligent, involving 450 respondents in the UK, found that the WfH culture offered to employees after the outbreak of the coronavirus pandemic has cost companies monetary losses from data breaches in the first 18 months of the pandemic, and the situation seems set to worsen in the days to come.

Over 82% of respondents who took part in the survey claimed that they lost $3 million per month on average because of fraudulent access to their network infrastructure by hackers. Most of these issues arose because of weak antivirus software, poorly secured internet connections, and the use of video meeting solutions such as Zoom that were sparsely protected and can easily be hacked.

And in the coming months, things could deteriorate, as most tech businesses in the UK are looking to adopt a hybrid work culture in which employees work from home and the office as per a weekly schedule.

Setting up remote work security policies, using VPNs for communications, curtailing the use of personal devices, using authentication codes and modes, educating employees about phishing and malware campaigns, and providing IT support when needed can help mitigate the cybersecurity risks involved in the remote work culture.

The post Work from Home leading to surge in Cyber Attacks in UK appeared first on Cybersecurity Insiders.


January 31, 2022 at 10:42AM

FBI still unsure about Israel Phantom Spyware

After two full years of deliberation, the US Federal Bureau of Investigation (FBI) is still unsure whether to buy the Phantom spyware from the Israeli firm NSO Group.

FYI, NSO Group claims to have developed the best spying tool, Phantom, which has the potential to hack into any phone operating in the United States.

NSO is the same company that was banned by the Biden administration from trading in North America and so will no longer be eligible to develop or sell any software to the government agencies linked to the White House.

Until 2019, the FBI intended to buy the hacking software to curtail phone-based crimes, thereby protecting the integrity and civil liberties of the American people.

But as the company was facing a lot of legal hassles from tech companies such as Apple Inc., Meta (Facebook, and also the parent company of WhatsApp) and Google (Android), the FBI has decided to either drop or hold the plan to purchase a license for the Phantom spying software from NSO.

Interestingly, the software was also in high demand from other agencies such as the CIA, the Secret Service and the US Military’s Africa Command.

But since an executive order banning the software’s operations and trade was imposed on the Israeli firm for developing the Pegasus spying software, its services and products cannot be purchased by anyone from the Joe Biden-led nation.

Meanwhile, the FBI has also imposed a ban on the Iran-based company Emennet Pasargad, as it was found hacking into the voter database of New York with the intention of interfering in the outcome of the 2020 US Presidential Elections.

The post FBI still unsure about Israel Phantom Spyware appeared first on Cybersecurity Insiders.


January 31, 2022 at 10:41AM

Friday, January 28, 2022

The Bitglass Blog

In 2015 several things happened in the tech world that significantly impacted our lives today, such as Google making their powerful artificial intelligence technology (TensorFlow) open source, the start of the media streaming wars, and the introduction of the Apple Watch to the world. Also that year a first of its kind experiment, run by Bitglass, tracked where stolen data travelled through the “Dark Web.” 

The post The Bitglass Blog appeared first on Cybersecurity Insiders.


January 29, 2022 at 09:09AM

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

SAN JOSE, Calif.–(BUSINESS WIRE)–The SJW Group (NYSE: SJW) board of directors has appointed James P. Lynch as chief accounting officer and Andrew F. Walters as chief financial officer. Peter Fletcher has been appointed vice president – information security officer of San Jose Water Co., a wholly owned subsidiary of SJW Group. The appointments were effective on Jan. 26. Lynch and Walters have both held previous officer positions at SJW Group.

Lynch, who had served as the CFO and treasurer since 2010, has taken on the role of CAO. In this role, he will continue to be responsible for all aspects of financial reporting, leading the company’s accounting team to ensure compliance with accounting practices and providing strategies for credit ratings metrics. Lynch has an extensive accounting and auditing background, with a 26-year career at KPMG LLP that included responsibilities as an audit partner.

Walters, who had recently served as chief corporate development officer and an integration executive, has been with SJW Group since 2014. In his new role, he will be responsible for driving business planning, growth and development as well as treasury, investor relations and other related functions. Prior to joining SJW Group, Walters was a managing director and senior investor for JP Morgan’s Infrastructure Investment Group. Prior to JP Morgan, he gained extensive experience in mergers and acquisitions, finance, and private equity fundraising as managing director and head of infrastructure investment banking for the Americas at Citigroup.

Eric W. Thornburg, chair, president and CEO of SJW Group, stated, “These two new roles, which will both report directly to me, put Jim and Andrew in positions where they can leverage their individual expertise and backgrounds to best serve our growing and more complex organization. These appointments also enhance the organization’s succession planning efforts. SJW Group’s transformation into a multistate water and wastewater company with operations in California, Connecticut, Maine and Texas has added to the complexity of accounting and financial reporting. Jim’s extensive background in these areas is well suited to meet those increasing challenges. Likewise, the expansion of our footprint has increased the focus on business planning, acquisitions and earnings growth that can be supported with Andrew’s expertise.”

Fletcher has been with San Jose Water since 2016 and most recently served as the senior director of cybersecurity and networking. In his new role as vice president – information security officer, he will have responsibilities across all SJW Group operations.

Thornburg stated, “Last fall, I was privileged to be invited by the White House to join a select group of business, national security and academic leaders in discussing cybersecurity. The discussions reinforced the criticality of sharing information and resources between businesses, government, academia and utilities. We are fortunate to have the expertise of Peter, a well-recognized leader in cybersecurity, to lead our efforts across the company and within our industry in this critical area.”

Lynch holds a bachelor’s degree in commerce from Santa Clara University. Walters holds a bachelor’s degree in business administration from Colorado State University. And Fletcher holds an associate’s degree in accounting, mathematics and statistics from Southdowns College in the United Kingdom.

About SJW Group

SJW Group is among the largest investor-owned pure-play water and wastewater utilities in the United States, providing life-sustaining and high-quality water service to about 1.5 million people. SJW Group’s locally led and operated water utilities — San Jose Water Co. in California, The Connecticut Water Co. in Connecticut, The Maine Water Co. in Maine and SJWTX Inc. (dba Canyon Lake Water Service Co.) in Texas — possess the financial strength, operational expertise and technological innovation to safeguard the environment, deliver outstanding service to customers and provide opportunities to employees. SJW Group remains focused on investing in its operations, remaining actively engaged in its local communities and delivering continued sustainable value to its shareholders. For more information about SJW Group, please visit www.sjwgroup.com.

Forward-Looking Statements

This release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995, as amended. Some of these forward-looking statements can be identified by the use of forward-looking words such as “believes,” “expects,” “may,” “will,” “should,” “seeks,” “approximately,” “intends,” “plans,” “estimates,” “projects,” “strategy,” or “anticipates,” or the negative of those words or other comparable terminology. These forward-looking statements are only predictions and are subject to risks, uncertainties, and assumptions that are difficult to predict.

These forward-looking statements involve a number of risks, uncertainties and assumptions including, but not limited to, the following factors: (1) the effect of water, utility, environmental and other governmental policies and regulations, including actions concerning rates, authorized return on equity, authorized capital structures, capital expenditures and other decisions; (2) changes in demand for water and other services; (3) the impact of the Coronavirus (“COVID-19”) pandemic on our business operation and financial results; (4) unanticipated weather conditions and changes in seasonality including those affecting water supply and customer usage; (5) climate change and the effects thereof; (6) unexpected costs, charges or expenses; (7) our ability to successfully evaluate investments in new business and growth initiatives; (8) contamination of our water supplies and damage or failure of our water equipment and infrastructure; (9) the risk of work stoppages, strikes and other labor-related actions; (10) catastrophic events such as fires, earthquakes, explosions, floods, ice storms, tornadoes, hurricanes, terrorist acts, physical attacks, cyber-attacks, epidemic, or similar occurrences; (11) changes in general economic, political, business and financial market conditions; (12) the ability to obtain financing on favorable terms, which can be affected by various factors, including credit ratings, changes in interest rates, compliance with regulatory requirements, compliance with the terms and conditions of our outstanding indebtedness, and general market and economic conditions; and (13) legislative and general market and economic developments. The risks, uncertainties and other factors may cause the actual results, performance or achievements of SJW Group to be materially different from any future results, performance or achievements expressed or implied by such forward-looking statements.

Results for a quarter are not indicative of results for a full year due to seasonality and other factors. Other factors that may cause actual results, performance or achievements to materially differ are described in SJW Group’s most recent Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and Current Reports on Form 8-K filed with the SEC. Forward-looking statements are not guarantees of performance, and speak only as of the date made. SJW Group undertakes no obligation to publicly update or revise any forward-looking statement, whether as a result of new information, future events or otherwise.

The post SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer appeared first on Cybersecurity Insiders.


January 29, 2022 at 09:08AM

How Will 5G Technology Alter IoT Security And How Can We Prepare?

The 5G technology appears to be perfect from a distance, with its grand claims of fostering efficient interconnectivity and speedy data transfers between people, objects, and devices. From this claim alone, everything seems too good to be true. Despite the massive inclination that we might have to believe these claims, we must scrutinize the legitimacy of the claims being made by 5G providers and get to the reality of the situation to maintain a robust cybersecurity landscape for the long run.

As an increasing number of companies plan to implement 5G mobile networks on a large scale, organizations need to consider the security risks that the technology can pose.

Multiple cybersecurity experts suggest that some of the vulnerabilities found within 5G technology result directly from ignored problems passed down from 4G and, in some cases, even 3G networks. Moreover, predictions made by Gartner indicate that a staggering 59% of organizations plan to support their IoT networks through 5G, which opens up new avenues for cybercriminals to exploit.

This article explores the possible ramifications that 5G could have for IoT security, along with some steps that enterprises can take to prepare for it. But first, let’s discuss the current state of the 5G landscape and its monumental influence on businesses.

The Present-Day 5G Landscape

The eagerness displayed by businesses to jump on the 5G bandwagon comes as no surprise, since the additional 500 to 1500 Mbps of speed can significantly boost efficiency and download and upload speeds within the enterprise. Whirlpool has started deploying 5G technology, and other reputable organizations like Samsung, Nokia, and Cisco are joining the trend. These manufacturers have either begun to develop enterprise-wide 5G solutions or have publicly announced plans to do so.

The most important factor businesses need to account for within their 5G implementation is time. As multiple specialists have stated, organizations need to invest considerable time and money to upgrade their existing infrastructure to cater to the technology. Being impatient with the implementation of 5G technology proves disastrous, since organizations will be more likely to forgo security concerns and put their business at risk.

Furthermore, as the Internet of Things continues to expand at a lightning-fast pace, there are multiple entry points available for hackers to exploit. Attackers are busy scanning for open ports in the devices’ software in order to deploy malicious scripts and bots into the network. The advent of 5G brings to the surface an issue that has been around for a long time: the fragile state that IoT security is in, a problem that 5G has a big chance of magnifying.

Why Does the Implementation of 5G Networks Pose Security Risks?

With 76% of risk professionals believing that IoT puts them at risk of cyberattacks, understanding why 5G amps up organizations’ vulnerability is crucial to exercising the correct security measures.

As 5G mobile networks become widespread, the sooner we come to terms with the changes that such a technology brings, the smoother the transition to a 5G-based organization will be. Taking preparatory measures against the risks that 5G brings starts with understanding why they occur in the first place. The main reasons behind 5G’s susceptibility to cyberattacks can be summed up in the following points:

  • As soon as businesses decide to implement 5G technology, their organization has to transition from a centralized, hardware-based network to a software-enabled and distributed network. With previous technologies such as 4G and 3G, the availability of ‘hardware choke points’ made it possible for security teams to insert security fixes, which is not the case with 5G.
  • Unlike 4G and 3G networks, 5G virtualizes in software the high-priority tasks previously performed by physical appliances. Although this does increase both efficiency and speed, it also increases cyber vulnerability and provides a larger attack surface area to cybercriminals.
  • Even in an ideal scenario, in which all the software vulnerabilities present within an organization’s network are isolated and eliminated, the 5G network is still highly vulnerable to data breaches. Since the 5G network is now managed through software, if a malicious entity gains control over the software managing the network, they could hijack the entire mobile network and wreak as much damage as they please.
  • The widespread implementation of 5G will see a massive spike in bandwidth consumption, opening a greater surface area for cybercriminals to exploit. Combined with the multiple entry points available through IoT devices, this could result in many breaches and attacks launched on naive users.

How Can 5G Networks Be Secured?

When considering the dire impact that 5G has on IoT security, the matter of 5G security becomes quite urgent and requires the immediate attention of security specialists everywhere. Looking at the situation from the 5G network perspective, it becomes apparent that for IoT security to flourish, we must start by creating trustworthy IoT devices. Moreover, it is also essential to define trustworthiness by judging the device’s hardware, software, and configuration.

Consequently, it is also vital for businesses to enhance the security of their 5G networks through the frequent deployment of security patches, which are to be released in the form of software updates. Furthermore, it is also critical that they ensure that IoT devices are being governed based on the identities they host, the security measures they exercise, and their compliance. Organizations should encourage using data center proxies that ensure complete anonymity and IP authentication. Using these proxies means no snooping eyes can invade your network and target you for possible attacks. Also, it’d be helpful if companies focus on devising a comprehensive set of regulations that governs their employees’ interactions with 5G and prevents them from committing security blunders.

Parting Words

With the advent of 5G mobile networks, the world has become more close-knit and connected, with a million possibilities now at our fingertips. While the promise that 5G makes is genuinely spectacular, it is critical to stay grounded and exercise caution with the technology’s implementation so that everyone may be able to make the most out of all that it has to offer!

The post How Will 5G Technology Alter IoT Security And How Can We Prepare? appeared first on Cybersecurity Insiders.


January 29, 2022 at 04:52AM

Preserving Health Care Data Security in 2022

Health care data has become a focus for many recent cybersecurity efforts. The medical industry has become a favorite target of cybercriminals, with one in five Americans having their information exposed in a breach.

Regulations like HIPAA require medical organizations to protect patient data, but they often don’t specify how. It’s up to the covered entities themselves to determine what specific protections can help them achieve these ends. Here are five steps to preserve health care data security in 2022.

1. Implement Strict Access Controls

The first step organizations should take is to restrict who can access what data. Rising Internet of Things (IoT) and remote health care adoption mean there’s a higher risk attackers could use one seemingly insignificant entry point to gain critical information. Reducing user access from the beginning limits what one breach can do.

Access controls should follow the principle of least privilege. Every user and system should only be able to see the data they need to perform their role properly. Keep in mind that these requirements may change over time, so network administrators may have to reevaluate and adjust permissions periodically.
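One way to run the periodic re-evaluation described above, shown as an added example that is not part of the original article: compare what each user or system is granted with what it actually used during the review window. The principal names, data categories, dates and the 90-day window are assumptions made for illustration.

```python
from datetime import date, timedelta

# Constructed sample data: principals, data categories and dates are illustrative.
GRANTS = {
    "nurse_ward3":   {"demographics", "vitals", "medications"},
    "billing_clerk": {"demographics", "insurance", "medications", "lab_results"},
    "infusion_pump": {"medications", "vitals", "demographics"},
}

# (principal, data category, date of access), as an audit trail would record them.
ACCESS_LOG = [
    ("nurse_ward3", "vitals", date(2022, 1, 20)),
    ("nurse_ward3", "medications", date(2022, 1, 21)),
    ("nurse_ward3", "demographics", date(2022, 1, 21)),
    ("billing_clerk", "demographics", date(2022, 1, 18)),
    ("billing_clerk", "insurance", date(2022, 1, 18)),
    ("billing_clerk", "lab_results", date(2021, 6, 2)),   # stale: outside the window
    ("infusion_pump", "medications", date(2022, 1, 25)),
    ("infusion_pump", "insurance", date(2022, 1, 25)),    # access that was never granted
]


def review_access(grants, access_log, today, window_days=90):
    """Return (unused grants per principal, accesses that no grant covers)."""
    cutoff = today - timedelta(days=window_days)
    used = {principal: set() for principal in grants}
    ungranted = []
    for principal, category, when in access_log:
        if when < cutoff:
            continue  # too old to justify keeping the permission
        if category not in grants.get(principal, set()):
            # Enforcement gap or stale grant table: investigate, never auto-grant.
            ungranted.append((principal, category, when))
            continue
        used[principal].add(category)

    findings = {}
    for principal, granted in grants.items():
        unused = sorted(granted - used[principal])
        if unused:
            findings[principal] = unused  # candidates for revocation
    return findings, ungranted


def apply_review(grants, findings):
    """Return a new grant table with the unused permissions removed."""
    return {p: g - set(findings.get(p, [])) for p, g in grants.items()}


if __name__ == "__main__":
    findings, ungranted = review_access(GRANTS, ACCESS_LOG, date(2022, 1, 31))
    for principal, unused in findings.items():
        print(f"{principal}: revoke candidates {unused}")
    for principal, category, when in ungranted:
        print(f"ALERT {principal} read {category} on {when} without a grant")
```

Revocation candidates should still go to the data owner for sign-off, since some permissions are needed rarely, such as break-glass access.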

2. Monitor and Restrict Data Usage

After restricting access controls, IT teams should monitor how different users and systems use data. Some vulnerabilities are unavoidable because certain users need data access but may not act safely. For example, electronic health records (EHRs) give patients remote access to their data, but users may fall for phishing scams.

Usage monitoring can help control these vulnerabilities. If you understand how various people and systems typically use their data, you can highlight irregularities that may signify a breach. Some advanced network monitoring tools can automate this process, restricting accounts when they behave irregularly.

You should also install controls to limit unnecessarily risky actions from authorized users. For example, patients should be able to view their data, but systems should stop them from sharing it without authorizing the third party.
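The usage-monitoring idea in this section, sketched as an added example that is not from the original article: build a per-account baseline of how many distinct patient records an account views per day, flag accounts that exceed it, and restrict them. The audit-log format, account names and thresholds are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from statistics import median

# Assumed audit-line format: "<ISO timestamp> user=<id> action=<verb> patient=<id>"
LINE_RE = re.compile(
    r"^(?P<day>\d{4}-\d{2}-\d{2})T\S+ user=(?P<user>\S+) "
    r"action=(?P<action>\S+) patient=(?P<patient>\S+)$"
)


def build_sample_log():
    """Constructed audit lines: seven ordinary days, then one review day."""
    lines = []
    for i, n in enumerate([5, 4, 6, 5, 5, 4, 6], start=17):
        day = f"2022-01-{i:02d}"
        lines += [f"{day}T09:{m:02d}:00Z user=dr_lee action=view patient=P{1000 + m}"
                  for m in range(n)]
        lines.append(f"{day}T20:00:00Z user=patient_ann action=view patient=P2001")
    day = "2022-01-24"
    lines += [f"{day}T09:{m:02d}:00Z user=dr_lee action=view patient=P{1000 + m}"
              for m in range(5)]
    # A patient portal account that normally sees one chart walks through forty.
    lines += [f"{day}T03:{m:02d}:00Z user=patient_ann action=view patient=P{3000 + m}"
              for m in range(40)]
    lines.append("corrupted line ###")
    return lines


def daily_distinct_patients(lines):
    """Map (user, day) to the set of patients viewed; count unparseable lines."""
    seen = defaultdict(set)
    skipped = 0
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # report these: gaps in the audit trail matter too
            continue
        if m["action"] == "view":
            seen[(m["user"], m["day"])].add(m["patient"])
    return seen, skipped


def find_irregular(lines, review_day, k=5.0, min_history=5, new_account_cap=20):
    """Return {user: (count on review_day, threshold)} for accounts over threshold.

    Threshold is median + k * MAD of the account's own history (MAD floored at 1
    so a perfectly steady account is not flagged for one extra chart). Accounts
    with too little history are held to a fixed cap instead of being skipped.
    """
    seen, _ = daily_distinct_patients(lines)
    per_user = defaultdict(dict)
    for (user, day), patients in seen.items():
        per_user[user][day] = len(patients)

    flagged = {}
    for user, days in per_user.items():
        today = days.get(review_day, 0)
        history = [c for d, c in days.items() if d < review_day]  # ISO dates sort
        if len(history) < min_history:
            threshold = new_account_cap
        else:
            med = median(history)
            mad = median(abs(c - med) for c in history)
            threshold = med + k * max(mad, 1)
        if today > threshold:
            flagged[user] = (today, threshold)
    return flagged


def restrict_accounts(flagged, account_state):
    """Return a copy of account_state with flagged accounts set to 'restricted'."""
    return {u: ("restricted" if u in flagged else s) for u, s in account_state.items()}


if __name__ == "__main__":
    log = build_sample_log()
    hits = find_irregular(log, "2022-01-24")
    print(hits)
    print(restrict_accounts(hits, {"dr_lee": "active", "patient_ann": "active"}))
```

A restricted account should require re-authentication and review before access resumes, because the account owner may simply be a phishing victim.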

3. Encrypt Data at All Points

Another crucial step in securing health care data is encrypting it. HIPAA doesn’t necessarily require encryption, but it is a helpful step in maintaining privacy, as it renders information virtually useless to anyone who intercepts it. Many services encrypt data at rest, but it’s also crucial to ensure you do so in transit.

Medical organizations will have to send digital data to remote users more frequently as telemedicine adoption increases. This trend presents a valuable opportunity for hackers if there’s no in-transit encryption. Cybercriminals could intercept data as it goes from one point to another, so at-rest encryption won’t be sufficient to maintain privacy.

4. Train Employees in Best Practices

Some of the best cybersecurity measures aren’t technical but a matter of management. Employee security training is crucial, regardless of what other steps you take. One mistake can let an attacker slip past even the most sophisticated technical defenses, so organizations must prevent unsafe user behavior.

Phishing is one of the fastest-rising cybersecurity threats, so employees should know how to spot these attacks. Social engineering avoidance should be part of all workers’ onboarding processes. Regular refresher training can also remind employees of how they can spot and avoid phishing attempts.

Training should cover best practices like using multifactor authentication and strong, unique passwords. Informing patients of these steps in telemedicine apps is also important.

5. Penetration Test Regularly

Remember that cybersecurity is an ever-evolving field. Cybercriminals will always find new attack methods, and growing IT sprawl will make systems increasingly complex and hard to manage. In light of these ongoing challenges, you should penetration test regularly to find any vulnerabilities that need fixing.

The average hospital has 10 to 15 connected devices per bed, giving it a massive attack surface. Given this complexity, medical organizations likely can’t find every potential vulnerability themselves. They need expert help to find and patch the weak points in their defenses.

Health Care Data Security Is Essential in 2022

The medical industry is becoming a more enticing target since it’s increasingly reliant on connected infrastructure. Data security in the sector must improve in light of rising cybercrime and these vulnerabilities.

These five steps can help IT teams in medical organizations protect their sensitive information. Ensuring data security in this industry can be challenging, but the benefits far outweigh the complications. The sector could jeopardize the safety of those already in need if it doesn’t become more secure.

The post Preserving Health Care Data Security in 2022 appeared first on Cybersecurity Insiders.


January 29, 2022 at 04:07AM

Godspeed Capital Acquires Savli Group, Inc.

WOODBINE, Md.–(BUSINESS WIRE)–Godspeed Capital Management LP (“Godspeed Capital”), a lower middle-market Defense & Government services, solutions, and technology focused private equity firm, today announced the successful acquisition of Savli Group, Inc. (“Savli” or the “Company”), a professional services company providing ServiceNow Software and Information Technology automation solutions to mission-oriented Federal Agencies, including the U.S. Defense and Intelligence Communities. The financial terms of the transaction were not disclosed.

The newly acquired Savli will join as the second add-on to Godspeed Capital’s existing portfolio companies, Varen Technologies, Inc. (“Varen Technologies”) and Exceptional Software Strategies, Inc., (“ESS”) under a recently formed cyber and technology solutions platform holding company designed to provide U.S. Defense and Intelligence Community agencies with a full suite of solutions and services to combat an increasing and ever-evolving level of cybersecurity and intelligence threats.

Founded in 1996 by former NASA engineer and entrepreneur Vishal Desai, Savli boasts a 26-year history of successfully implementing and integrating innovative mission-critical Software and Information Technology solutions for discerning U.S. Government and commercial clients. The Company is a leading ServiceNow Elite Partner solutions provider for key Intelligence Community customers. Specific solutions and services include tailored implementations, integrations, digital transformation services, consulting, and strategy development.

Vishal Desai, Founder & President of Savli, said, “Godspeed Capital is utilizing its deep industry expertise to build a premier platform that will help provide mission-critical cyber and technology solutions to the U.S. Defense and Intelligence Communities. We are proud to join this platform alongside Varen Technologies and ESS, where Godspeed’s strategic playbook and resources will enable us to work alongside other expert providers of government-related technology solutions as we continue to meet the evolving needs of the U.S. Intelligence Community.”

Savli is an “Elite Partner” with ServiceNow, one of only 120 Elite Service & Sales Partners globally. Nearly all of the Company’s more than 20 specialized employees, primarily focused on professional delivery, hold high-level security clearances. By offering an end-to-end solution with respect to the ServiceNow continuum, Savli is critically important to ensuring the successful implementation of next-generation, mission-critical Information Technology roadmaps for its U.S. Intelligence Community customers.

“We are thrilled to partner with Vishal and the entire Savli team, whose end-to-end ServiceNow Software and Information Technology solutions are essential tools for the U.S. Intelligence Community. Savli’s decades of experience, stellar reputation, and high-level expertise across a wide range of specialized technology services makes the Company an ideal partner for Godspeed as we continue to scale our platform and provide technology and security solutions for the U.S. Intelligence Community for years to come. By combining Savli’s expertise with that of Varen Technologies and ESS, our rapidly growing platform is well-positioned to grow and expand its continuum of innovative services and solutions,” said Douglas T. Lake, Jr., Founder & Managing Partner of Godspeed Capital.

Savli Group, Inc. was advised by Star Advisory Services and supported by legal counsel Miles & Stockbridge.

About Savli Group, Inc.

Founded in 1996 and based in Maryland, Savli is a professional services company providing Software and Information Technology solutions and services, including ServiceNow implementation and integration, to mission-oriented customers primarily within the U.S. Intelligence Community. Savli offers core capabilities in ServiceNow implementations, integrations, mission transformation services, consulting, and strategy development, serving primarily the Intelligence Community customers. For more information, please visit the Savli Group, Inc. website at http://www.savli.com/.

About Godspeed Capital

Godspeed Capital is a lower middle-market Defense & Government services, solutions, and technology focused private equity firm investing alongside forward-thinking management teams that seek an experienced and innovative investment partner with unique sector expertise, operational insight, and flexible capital for growth. While a typical investment will involve companies generating approximately $3 million to $30 million of EBITDA, Godspeed Capital has significant support to complete larger transactions through strategic co-invest relationships. The firm focuses on control buyouts, buy-and-builds, corporate carve-outs, and special situations. For more information, please visit the Godspeed Capital website at www.godspeedcm.com.

The post Godspeed Capital Acquires Savli Group, Inc. appeared first on Cybersecurity Insiders.


January 28, 2022 at 09:09PM

Data Privacy Day Underscores Importance of Safeguarding Personal Information Online

WINTER PARK, Fla.–(BUSINESS WIRE)–Data is everywhere. It is used in a variety of ways and formats. What we use to communicate and advance our lives can also have a dark side. Personal information can become compromised and can cause a path of destruction that negatively impacts our financial security and our identity.

Friday, January 28, 2022, is Data Privacy Day, or Data Protection Day. This is a national day dedicated to raising awareness and improving knowledge for individuals and businesses on how to stay safe online and protect personal information. With so many data breach scandals, hacks, and cybersecurity threats making headlines, it is imperative to give the topic the attention it needs to underline the necessity for data privacy and advocacy for increased data privacy legislation. The day also encourages businesses to respect consumer data, implement safeguards, and adopt appropriate security controls around the collection, processing and sharing of such customer data. In today’s hyper-connected world, it is imperative that businesses understand the legal basis for collecting, processing and sharing consumer data; this is especially important for sensitive, personally identifiable categories of data.

To protect your sensitive data from abuse and to prevent scams, it is important to follow these tips:

  • Avoid phishing scams – beware of suspicious calls or emails, and avoid clicking on unknown links or attachments
  • Create strong passwords
  • Be wary of free or open Wi-Fi networks
  • Install anti-virus and anti-malware protection
  • Keep all your software apps up to date
  • Use two-factor authentication

“There is a fine line between privacy and convenience. By striking the right balance, individuals and businesses can tap into guides, tips, insights, and trustworthy partners that will help navigate the digital world and take back control of sensitive digital information,” says Regine Bonneau, CEO of RB Advisory LLC, a leader in empowering companies to successfully manage global cybersecurity risks, vulnerabilities and compliance requirements.

On this Data Privacy Day, be committed to increasing awareness about the processing of your company’s data. Education and increased awareness can help prevent cyber threats and mitigate risks. There are many options available to practice good cyber hygiene and safeguard digital information. Contact us at 407-794-5668 to schedule a free 30-minute consultation with an industry leader focused on helping customers understand the value of their corporate data.

About RB Advisory LLC

RB Advisory provides private sector and government clients with best practices and methodology to protect their important assets: data, clients, and people. Recognized as a highly qualified and trusted cybersecurity, risk management and compliance service provider, RB Advisory works with clients across a wide range of industries, specializing in risk management solutions, IT solutions, solutions for federal agencies and critical infrastructure solutions. www.rbadvisoryllc.com

The post Data Privacy Day Underscores Importance of Safeguarding Personal Information Online appeared first on Cybersecurity Insiders.


January 28, 2022 at 09:09PM

Cyber Attack on Iran State TV leads to display of images of dissidents

Iranian State TV was hacked and images of dissidents were displayed for 10 seconds in what seems to be the first incident of its kind in the history of the Islamic nation.

Viewers were surprised to see Massoud Rajavi, the founder of People’s Mujahedeen (MEK), and his wife Maryam Rajavi for a few seconds, and were then shown a crossed-out image of leader Ayatollah Khamenei, with the voice of a man chanting ‘Salute to Rajavi and death to Khamenei.’

ISNA News Agency from Iran reported that Reza Alidadi, the head of the state broadcaster’s technology, issued a public apology and added that the attack seems to be a sophisticated one arising from an outside state.

The People’s Mujahedeen, which is now in exile, said that its followers carried out the 10-second hack of the state TV and that it was retaliation for the latest deeds of the Revolutionary Guard, an intelligence branch of the Islamic Republic.

Reza Alidadi, a top state official, responded to the hack by saying that it involved the technical help of a foreign nation and added that the nation will soon give a befitting reply to the attack on the broadcaster.

Note: In the 1980s, during the regime of Saddam Hussein as supreme leader of Iraq, the MEK fled to that country, took shelter there and was nurtured by him for a few years. So, during that period, the MEK, led by Maryam Rajavi, was disliked by many in Iran. Now, things seem to have turned in favor of the socialist organization, which is seen picking up pace again.

The post Cyber Attack on Iran State TV leads to display of images of dissidents appeared first on Cybersecurity Insiders.


January 28, 2022 at 10:46AM

Ransomware news trending on Google

1.) A Taiwan-based electronics firm named Delta Electronics was hit by a ransomware attack on January 22nd, 2022, affecting its admin operations to the core. Delta, which supplies hardware parts to other businesses such as Tesla, Apple Inc, Dell, and HP, disclosed that the Conti ransomware gang was behind the attack on its servers and that recovery was in progress.

Delta stated that the IT staff is putting in 100% effort to recover from the incident and that the company is in no mood to entertain the $15 million ransom demand put forward by the Conti ransomware group.

2.) In other news, QNAP, a Taiwanese company that provides Network Attached Storage (NAS) appliances, has released an official statement that its data storage hardware and routers operating across the world are vulnerable to the Deadbolt ransomware attack and that users should keep their software updated to the newer version to avert any disruption.

QNAP has already issued a set of instructions to follow on its website for its users and added that the cyber threat only exists for its NAS appliances connected to the internet.

3.) Third is the news that France’s Ministry of Justice has been hit by the LockBit 2.0 ransomware gang. News is out that the ministry has been given a deadline of February 10th, next month, after which the accessed data will be released on the dark web and sold for monetary benefit.

This is not the first time that the French Ministry of Justice has been hit by malware, as it falls victim to such sophisticated cyber attacks now and then.

For instance, earlier this month, another ransomware group affiliated with LockBit breached the networks of French defense and security firm Thales and siphoned a portion of critical information that contains details related to energy firm Schneider Electric, which was targeted by a digital attack last month.

So, France’s Cybersecurity Agency (ANSSI) has issued a warning to the businesses operating in its region about possible cyber attacks that could cripple their networks forever. And the situation seems to deteriorate further as France has supported Ukraine in its war with Russia.

4.) The fourth news item related to ransomware and trending on Google concerns a new ransomware gang dubbed “White Rabbit”. According to a report released by Trend Micro, the said file-encrypting malware strain has links to a financial crime gang named FIN8 and plans to attack one of the major US banks by the end of next month.

White Rabbit Ransomware has links to a more established gang Egregor that is in the same ransomware business and has been targeting only small companies and appears to be preparing itself to hit a large target soon.

The post Ransomware news trending on Google appeared first on Cybersecurity Insiders.


January 28, 2022 at 10:45AM