Healthcare & Biopharma

#InformationSecurity News - 4/17/15

  • Read comments from the SMP team in this IE3 article "You've Been Hacked ... But You Can Hack It!" about how to handle a cyberattack. 
  • After a three-year delay, federal regulators remain tight-lipped about when the next round of HIPAA compliance audits will begin, reports Healthcare Info Security.
  • Threatpost shares that Chinese attackers used a system named the Great Cannon to launch a recent series of distributed denial of service attacks.
  • From ZDNet: A number of prominent French technology companies are threatening to leave the country in the wake of mass surveillance plans. 
  • "We TOLD you not to use WPS on your Wi-Fi router! We TOLD you not to knit your own crypto!" says Naked Security

#InformationSecurity News - 1/27/15

  • Reporting HIPAA Breaches: A New Approach - The Department of Health and Human Services is taking steps to make the process of using online tools to report breaches more efficient, hoping that will help ease the launching of investigations. More at Healthcare Info Security
  • Sixty percent of organizations have increased their security spending by one-third -- but many security managers still don't think that's enough, Ponemon study finds. Details via InformationWeek DarkReading.  
  • The details of three high-severity vulnerabilities affecting Apple’s OS X operating system have been disclosed over the past two days by Google. The security holes were made public this week after the 90-day disclosure deadline given by Project Zero to vendors expired. Learn more at Security Week
  • As a result of President Obama's "Buy Secure" initiative, the federal government this month is kicking off its EMV rollout, which includes the issuance of chip-and-PIN cards for all federal employees and benefits programs. Read the story at Bank Info Security
  • According to the latest research by Trend Micro, a variant of Curve-Tor-Bitcoin (CTB) Locker ransomware – also known as Critroni – being distributed in a spam campaign now offers victims additional time to pay the ransom, but also requires them to pay a whole lot more than previously. Details via SC Magazine

#InformationSecurity News - 11/21/14

  • Amnesty's Detekt tool wants to help you thwart government spying - read the full story at ZDNet
  • Learn how splitting a computer into multiple realities can protect you from hackers at WIRED
  • Healthcare Info Security reports that NSA Chief Michael Rogers says damaging cyber-attacks are coming
  • IBM researchers have found signs that the prolific Trojan is now being used to attack widely used password managers - more at Dark Reading
  • Financial sector terrorism threat grows as the risk from ISIS continues to increase - details at Bank Info Security

#InformationSecurity News - 10/17/14

#InformationSecurity News - 10/3/14

  • Futuristic bracelet uses heartbeats as a password—but is it secure? Company pairing a wearer's electrocardiogram with a mobile phone makes a lot of promises. Ars Technica investigates
  • For National Cyber Security Awareness Month (NCSAM), Naked Security shares three essential security tasks you can do for your family today. 
  • CSO Online offers three steps you need to take to avoid overreacting to the bash bug, which are necessary to be effective in the wake of the recent frenzy. 
  • Bank Info Security reports that 108 different restaurants were recently compromised, including Jimmy John's. 
  • Distributed-denial-of-service attacks that target the Bash flaws known as Shellshock have spiked in recent days, CU Info Security says.

And next Thursday, October 9, at The Bank Summit 2014, don't miss Peter Bamber, CISA, CRISC, CISSP, Vice President, Information Security Consulting Services, for Security Management Partners, presenting "Cybersecurity Preparedness and the FFIEC Cybersecurity Initiative" at 10:15 a.m. EDT. Learn more here: http://www.prlog.org/12374657-security-management-partners-to-discuss-cybersecurity-preparedness-at-the-bank-summit-2014.html