Newsroom

29 Nov

What is HIPAA Compliance?

Learn about the Health Insurance Portability and Accountability Act (HIPAA) and the requirements for HIPAA compliance in Data Protection 101, our series on the fundamentals of information security. A Definition of HIPAA ComplianceThe Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place...

28 Nov

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

in Cyber Security

Comments

As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server. "This enables an attacker to quietly take over the App Service's git server,...

27 Nov

5 tips for better Google Drive security

in Cyber Security

Comments

As cloud storage solutions are becoming more and more popular, we look at several simple steps you can take to secure your files on Google Drive. Cloud storage solutions have steadily become as popular as external storage devices; some may even argue that they are slowly surpassing them. The main selling point of the cloud is that it is quickly, easily, and readily accessible from almost...

26 Nov

New tool helps companies assess why employees click on phishing emails

in Cyber Security

Comments

NIST’s tool can help organizations improve the testing of their employees’ phish-spotting prowess. Researchers at the US National Institute of Standards and Technology (NIST) have devised a new method that could be used to accurately assess why employees click on certain phishing emails. The tool, dubbed Phish Scale, uses real data to evaluate the complexity and quality of phishing attacks to help organizations comprehend where their...

25 Nov

Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability

in Cyber Security

Comments

If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the insecure usage of AES-CFB8 encryption for Netlogon sessions, allowing remote attackers...

24 Nov

Plugging in a strange USB drive – What could possibly go wrong?

in Cyber Security

Comments

While wanting to return a found USB flash drive is commendable, you should avoid taking unnecessary risks, lest your device get infested and your data compromised. External data storage devices have been around almost as long as computers have existed. Magnetic tape and floppy disks, which were once the dominant media, are now mostly fond memories, while optical discs are mostly used in gaming consoles. For...

What is HIPAA Compliance?

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

5 tips for better Google Drive security

New tool helps companies assess why employees click on phishing emails

Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability

Plugging in a strange USB drive – What could possibly go wrong?

Australian Government Information Security Manual updated

Cisco issues critical security warning for IOS XE REST API container

About 50% of Apps Are Accruing Unaddressed Vulnerabilities

Smart cities must be cyber‑smart cities

Latest Posts

BrandPost: New challenges in dealing with ransomware and protecting data

Half of Orgs Use Web Application Firewalls to Paper Over Flaws

Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines

Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

Over 40% of Log4j Downloads Are Vulnerable Versions of the Software

Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign

Securing healthcare: An IT health check on the state of the sector

Nvidia hackers release code-signing certificates that malware can abuse