Category Archives: News

Diffy: A triage tool for cloud-centric incident response

The Netflix Security Intelligence and Response Team (SIRT) has released Diffy, an open source triage tool that allows digital forensics and incident response teams to quickly pinpoint compromised hosts during a security incident on cloud architectures. The name of the tool comes from its function: it identifies differences between instances that might point to a compromise (an unexpected listening port, a running process with an unusual name, a strange crontab entry, a surprising kernel module, … More

The post Diffy: A triage tool for cloud-centric incident response appeared first on Help Net Security.

Cyber Chief Magazine: GDPR Winning Moves

This issue delivers a ready-to-use GDPR kit packed full of how-to’s and practical tips that companies need to implement so they don’t end up on the wrong side of an audit. You’ll get the actionable insights you need today, without unnecessary compliance theory. Content in this edition:

  • GDPR Confusion: 7 Common Myths Busted
  • How to Jump-Start GDPR Risk Assessment
  • GDPR Fines: What Should You Expect?
  • …and more!

The post Cyber Chief Magazine: GDPR Winning Moves appeared first on Help Net Security.

Cybersecurity no longer top risk for telecom industry

Telecommunications executives have relegated disruption from new technologies to third place in their risk top 5: the number one risk identified by 60 telecom companies surveyed right now is exchange rate volatility, according to phone companies and internet providers. This latest edition of the BDO 2018 Telecommunications Risk Factor Survey ranks the 5 most significant risks facing telecoms companies as follows: Exchange rate/foreign currency changes Increased competition The fast arrival of new technologies Access to … More

The post Cybersecurity no longer top risk for telecom industry appeared first on Help Net Security.

Multiple Incidents of Medical Healthcare Breaches Over the Last Week

While medical data breaches are climbing in general, last week, we witnessed a huge jump between July 11, 2018 and

Multiple Incidents of Medical Healthcare Breaches Over the Last Week on Latest Hacking News.

Capturing the conscience of the computing profession

After a two-year process that included extensive input from computing professionals around the world, ACM, the Association for Computing Machinery, has updated its Code of Ethics and Professional Conduct. The revised Code of Ethics addresses the significant advances in computing technology and the growing pervasiveness of computing in all aspects of society since it was last updated in 1992. ACM’s Code of Ethics is considered the standard for the computing profession, and has been adopted … More

The post Capturing the conscience of the computing profession appeared first on Help Net Security.

Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches

Cisco has issued another batch of fixes, plugging a number of critical and high severity holes in its Policy Suite, SD-WAN, and Nexus products. Cisco Policy Suite Users of the Cisco Policy Suite should upgrade to Release 18.2.0 as soon as possible, as it implements fixes for four critical vulnerabilities: A vulnerability (CVE-2018-0376) in the Policy Builder interface of the Suite that could be exploited by an unauthenticated, remote attacker to access the Policy Builder … More

The post Cisco plugs serious flaws in Policy Suite, SD-WAN, and Nexus switches appeared first on Help Net Security.

Algonquin College Data Breach Exposed Details Of More Than 111,000 Individuals

Recently, we have reported how various firms exposed their customers’ data online due to vulnerabilities. One such recent example is

Algonquin College Data Breach Exposed Details Of More Than 111,000 Individuals on Latest Hacking News.

“We should prohibit U.S. persons from buying or mining cryptocurrencies,” says Rep. Brad Sherman

A Congressional Financial Services Committee meeting today turned alarmingly hostile to cryptocurrencies and blockchain technology as a whole. This hostility stemmed initially from Democratic Representative Brad Sherman, who stated, “We should prohibit U.S. persons from buying or mining cryptocurrencies.” According to a senior political journalist from Politico in attendance at the meeting, Rep. Sherman believed that […]

The post “We should prohibit U.S. persons from buying or mining cryptocurrencies,” says Rep. Brad Sherman appeared first on Hacked: Hacking Finance.

BEC scams and real estate deals: How to protect yourself?

Despite constant warnings by law enforcement and industry organizations, BEC scammers continue to fleece companies. They target small, medium, and large business and personal transactions, but have, in the last few years, shown a notable predilection for targeting companies in the real estate sector. What are BEC scams? Business E-mail Compromise (BEC)/E-mail Account Compromise (EAC) is a type of scam targeting both businesses and individuals performing wire transfer payments, and often starts with the attackers … More

The post BEC scams and real estate deals: How to protect yourself? appeared first on Help Net Security.

Retail data breaches continue to reach new highs

Thales announced the results of its 2018 Thales Data Threat Report, Retail Edition. According to U.S. retail respondents, 75% of retailers have experienced a breach in the past compared to 52% last year, exceeding the global average. U.S. retail is also more inclined to store sensitive data in the cloud as widespread digital transformation is underway, yet only 26% report implementing encryption – trailing the global average. Year-over-year breach rate takes a turn for the … More

The post Retail data breaches continue to reach new highs appeared first on Help Net Security.

Inside look at lifecycle of stolen credentials and extent of data breach damage

Shape Security released its Credential Spill Report, shedding light on the extent to which the consumer banking, retail, airline and hospitality industries are impacted by credential stuffing attacks and account takeover. The report analyzes attacks that took place in 2017 and reveals 2.3 billion account credentials were compromised as a result of 51 independent credential spill incidents. Credential stuffing collectively costs U.S. businesses over $5 billion a year. When usernames and passwords are exposed, or … More

The post Inside look at lifecycle of stolen credentials and extent of data breach damage appeared first on Help Net Security.

Attention all passengers: Airport networks are putting you at risk!

Coronet released a report identifying San Diego International Airport, John Wayne Airport-Orange County (CA) International Airport and Houston’s William P. Hobby International Airport as America’s most cyber insecure airports. The purpose of the report is to inform business travelers of how insecure airport Wi-Fi can inadvertently put the integrity and confidentiality of their essential cloud-based work apps (G-Suite, Dropbox, Office 365, etc.) at risk, and to educate all other flyers on the dangers of connecting … More

The post Attention all passengers: Airport networks are putting you at risk! appeared first on Help Net Security.

Ransomware Attack at a U.S. Hospital – Why Healthcare Is An Easy Target

A hospital in the U.S. revealed that it has endured a ransomware attack. This digital assault happens to be the

Ransomware Attack at a U.S. Hospital – Why Healthcare Is An Easy Target on Latest Hacking News.

Video: Network Critical’s SmartNA-PortPlus Network Packet Broker

Network Critical’s innovative SmartNA-PortPlus Network Packet Broker bridges the gap between today’s ultra-high-speed networks and existing management, monitoring and security tools. The SmartNA-PortPlus provides up to 48 ports of 10/25Gbps plus 6 ports of 40/100Gbps in a non-blocking single RU chassis, enabling users to interconnect different network protection and monitoring tools quickly and easily. Beyond server-ready high-speed connectivity for security and monitoring tools, the SmartNA-PortPlus is also a feature-rich traffic … More

The post Video: Network Critical’s SmartNA-PortPlus Network Packet Broker appeared first on Help Net Security.

Kaspersky Lab official blog: CoinVault: Caught red-handed

Way back in 2015, Kaspersky Lab helped Dutch cyberpolice catch the creators of one of the very first pieces of ransomware, CoinVault. The decryptor we developed for it inspired the NoRansom portal, where we upload tools for unlocking files after various encryption attacks. Although CoinVault’s creators were caught a while ago, the first court hearing took place recently, and our expert Jornt van der Wiel attended.described its structure in detail in late 2014. The malware authors took great pains to hide it from security solutions and hinder its analysis. The ransomware can determine, for example, whether it is being run in a sandbox, and its code is heavily obfuscated.

Nevertheless, our experts were able to get to the source code and find a clue that ultimately led to the criminals’ arrest: It contained some comments in Dutch. It was fairly likely that the malware hailed from the Netherlands.

We passed the information to the Dutch cyberpolice, and within a few months they reported the successful capture of the campaign masterminds. Thanks to our cooperation with the Dutch police, we managed to obtain the keys from the C&C server and develop a data decryption tool.

Lady Justice weighs the evidence

The police collected almost 1,300 statements from victims of the ransomware. Some of them appeared in court personally to demand compensation. One victim, for example, had their vacation ruined by the ransomware. They estimated the damage at 5,000 euros, saying that this sum would enable them to pay for another trip.

Another victim asked for the ransom to be paid back in the same coin — bitcoin. Since the attack, the cryptocurrency exchange rate has risen almost thirtyfold, so if the court satisfies the claim, it will be the first time that an injured party has earned money from a ransomware attack.

At the recent hearing, the prosecutors demanded punishment in the form of three months’ imprisonment, followed by a nine-month suspended sentence and 240 hours’ community service. The defense asked the court not to put the brothers behind bars, arguing that the defendants had cooperated with the investigation, plus one is irreplaceable in his current job and the other is in college. The verdict will be delivered at the next hearing, on July 26.

Trespassers will be prosecuted

We always say that giving in to criminals only encourages them. The trial of the CoinVault creators shows that even seemingly anonymous cybercriminals cannot escape punishment. But instead of waiting three years for justice, it’s better to protect yourself in advance. Remember our standard tips:

  • Don’t click on suspicious links and don’t open suspicious e-mail attachments.
  • Make regular backups of important files.
  • Use a reliable security solution.


Kaspersky Lab official blog

CarePartners Data Breach Update: Hackers Hold The Data To Ransom

Last month, CarePartners announced it faced a data breach. However at the time it did not explain any details about

CarePartners Data Breach Update: Hackers Hold The Data To Ransom on Latest Hacking News.

US Voting Machines Vendor Admits Installing Remote Access Software

The USA’s top voting machine manufacturer has admitted that their company has installed a remote access software in their election

US Voting Machines Vendor Admits Installing Remote Access Software on Latest Hacking News.

No kidnapping, no ransom

Large-scale ransomware attacks have been big news over the last few months. Thanks to ever more sophisticated samples — such as the recent variant, Synack — that target victims in almost every country, this has become a global threat.


The figures speak for themselves: with a cost of around $5 billion in 2017, and a 350% increase compared to the previous year, there is no doubt that this Trojan’s reputation as a large threat in the cybersecurity industry is still very much intact.  A cyberthreat that is on the rise, and that will continue to exist as long as victims keep paying the ransoms.

Nowadays, as well as being a threat that is constantly evolving thanks to the variety of samples and infection techniques available to hackers, it is also a criminal tactic that, for hackers, is worth investing their efforts in.  Juicy rewards with a low risk of being caught, and a large amount of targets who can be infected; from individual users to large companies, there are plenty of opportunities.

Advice to avoid ransomware:

  • Ensure that employees’ user accounts are protected with strong passwords, and that they don’t have administrator permissions.
  • Don’t open emails from unknown senders or emails that ask you to open them: the best thing to do is to delete them straight away, and under no circumstances reply to them.
  • Don’t trust shortened links or attachments, even if they’re from trusted contacts.
  • Create backups regularly to avoid losing data.
  • Draw up and implement an auditing plan (carried out by internal auditing teams, or specialized third parties), both for the organization’s systems and for its policies, in order to be able to detect possible vulnerabilities.
  • Invest resources in improving training and staff awareness of IT security, especially when it comes to this type of threat.
  • The importance of multilevel security: In view of current threats like ransomware, basic protection is not enough. To ensure maximum protection, it is highly recommended to use complex, robust multiplatform tools like Panda Adaptive Defense360.


The post No kidnapping, no ransom appeared first on Panda Security Mediacenter.

Google Fined $5.05 Billion By EU: Android Illegally Used Dominate Search

The European Commission has imposed a fine of $5.05 Billion for violating EU antitrust rules stating that Google has imposed

Google Fined $5.05 Billion By EU: Android Illegally Used Dominate Search on Latest Hacking News.

Saudi Arabia bans video games following suicide of two children

47 games banned in Saudi Arabia after children’s death

Do you remember the deadly online suicide game, ‘The Blue Whale Challenge’, also known as ‘The Blue Whale’, which caught the attention of the world after a spate of teen suicides was said to be linked to the game?

For those unaware, The Blue Whale Challenge, which became a social media phenomenon, plays out over a period of 50 days, during which a player has to successfully complete 50 challenges. These tasks are given by the “curator”, who also asks for photos of the teenagers carrying out the tasks as proof for his approval. Once the 50 challenges are completed, the game directs the player to commit suicide, which is the ultimate task. This game allegedly spread quite quickly in countries like Bangladesh, China, India, and Iran, while it is not too prominent in the West.

Recently, two children, a 13-year-old girl and a 12-year-old boy, in Saudi Arabia killed themselves after participating in a challenge via an online game. Following these deaths, the Saudi General Commission for Audio-Visual Media has banned some of the popular video games citing “unspecified violations of rules and regulations.” According to the commission, it plans to ban 47 popular games that include The Witcher 3, Assassin’s Creed 2, and the most lucrative game of 2017, Grand Theft Auto V.

Given below is a complete list of games banned by the Saudi General Commission for Audio-Visual Media:

Agents of Mayhem
Assassins Creed 2
Attack on Titan 2
Bayonetta 2
Clash of the Titans
Dante’s Inferno
Dead Rising 3 Apocalypse Edition
Deadpool
Deception IV: The Nightmare Process
Deus Ex Mankind Divided
Devils Third
DmC – Definitive edition
Dragon Age: Inquisition
Dragon’s Dogma: Dark Arisen
Draw to Death
Final Fantasy Dissidia
Fist of the North Star: Ken’s Rage 2
God of War 1
God of War 2
God of War 3
Grand Theft Auto V
Heavy Rain
Hitman: Absolution (2012)
Life is Strange
Mafia 2
Mafia 3
Metro Redux
Okami
One Piece Burning Blood
Past Cure
Prison Architect
Resident Evil 5
Resident Evil 6
Saints Row IV
SplatterHouse
Street Fighter V
Street Fighter 30th Anniversary
The Order 1886
The Saboteur
The Witcher 3
The Nonary Game
Thief
Vampyr
Watch Dogs
Wolfenstein 2
Wolfenstein: The New Order
YO-KAI WATCH

While it has been alleged that the children had been encouraged to commit suicide after playing the so-called ‘Blue Whale’ social media game, the agency did not address what connection the social media challenge has to the issuance of its ban. However, it is worth noting that all 47 of the above-mentioned games listed for the ban have elements of violence in them.

The post Saudi Arabia bans video games following suicide of two children appeared first on TechWorm.

Microsoft offers bug bounties for holes in its identity services

Microsoft is asking security researchers to look for and report technical vulnerabilities affecting its identity services and OpenID standards implementations, and is offering bug bounties that can reach as high as $100,000. “Microsoft has invested heavily in the security and privacy of both our consumer (Microsoft Account) and enterprise (Azure Active Directory) identity solutions. We have strongly invested in the creation, implementation, and improvement of identity-related specifications that foster strong authentication, secure sign-on, sessions, API … More

The post Microsoft offers bug bounties for holes in its identity services appeared first on Help Net Security.

Free training courses on DDoS protection, from introduction to mitigation

The DDoS Protection Bootcamp is the first online portal to provide in-depth technical training in the field of DDoS protection. If you’re involved in IT security or network operations, you know that DDoS attacks are a problem that’s not going away. Recent studies indicate that almost 75% of organizations have suffered at least one attack over the past 12 months. What’s inside? This comprehensive quiz-based training course, available at both the Basic and Advanced levels, … More

The post Free training courses on DDoS protection, from introduction to mitigation appeared first on Help Net Security.

Microsoft tops list of brands impersonated by phishers

The number one brand spoofed by phishers in Q2 2018 in North America was Microsoft, says email security company Vade Security. The company credits the surging of adoption of Microsoft Office 365 for this unfortunate statistic. “It’s clear that Office 365 has become the number one target for corporate phishing attacks,” the company explained. “The reason is that it’s highly profitable to compromise an Office 365 account. Hackers see email-based attacks as an easy entry … More

The post Microsoft tops list of brands impersonated by phishers appeared first on Help Net Security.

Do you have what it takes to become a Chief Scientist in the infosec industry?

Igor Baikalov, Chief Scientist at security analytics firm Securonix, is a trained scientist: he spent over 16 years working on various aspects of Structural Biology, developing new methods for determining the structure of basic building blocks of life: proteins, DNA, and their interactions. “A lot of this work had to do with processing and interpreting massive amounts of data and writing tons of code to do that – something I realized I was pretty good … More

The post Do you have what it takes to become a Chief Scientist in the infosec industry? appeared first on Help Net Security.

Only 65% of organizations have a cybersecurity expert

Despite 95 percent of CIOs expecting cyberthreats to increase over the next three years, only 65 percent of their organizations currently have a cybersecurity expert, according to a survey from Gartner. The survey also reveals that skills challenges continue to plague organizations that undergo digitalization, with digital security staffing shortages considered a top inhibitor to innovation. Gartner’s 2018 CIO Agenda Survey gathered data from 3,160 CIO respondents in 98 countries and across major industries, representing … More

The post Only 65% of organizations have a cybersecurity expert appeared first on Help Net Security.

Digital transformation will help cloud service providers increase revenue

A new IDC survey found that cloud service providers have a high degree of confidence in their business outlook as a result of very strong customer demand for cloud services to enable digital transformation. “Cloud service providers around the world are rapidly changing their business models in response to unprecedented customer demand, offering a mix of new cloud infrastructure, application, and managed services as part of an agile investment strategy,” said Rory Duncan, research vice … More

The post Digital transformation will help cloud service providers increase revenue appeared first on Help Net Security.

GitHub adds Python support for security alerts

GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also work for Python packages. About Security Alerts The security alerts service depends on the Dependency Graph, which is turned on by default for every public repository and can be set up for private repositories. “GitHub tracks public vulnerabilities in Ruby gems, NPM and Python packages on MITRE’s Common Vulnerabilities and … More

The post GitHub adds Python support for security alerts appeared first on Help Net Security.

World powers equip, train other countries for surveillance

Privacy International has released a report that looks at how powerful governments are financing, training and equipping countries with surveillance capabilities. Countries with powerful security agencies are spending literally billions to equip, finance, and train security and surveillance agencies around the world — including authoritarian regimes. This is resulting in entrenched authoritarianism, further facilitation of abuse against people, and diversion of resources from long-term development programmes. Global government surveillance Examples from the report include: In 2001, the US … More

The post World powers equip, train other countries for surveillance appeared first on Help Net Security.

Many infosec professionals reuse passwords across multiple accounts

Lastline announced the results of a survey conducted at Infosecurity Europe 2018, which suggests that 45 percent of infosec professionals reuse passwords across multiple user accounts – a basic piece of online hygiene that the infosec community has been attempting to educate the general public about for the best part of a decade. The research also suggested that 20 percent of security professionals surveyed had used unprotected public WiFi in the past, and 47 percent … More

The post Many infosec professionals reuse passwords across multiple accounts appeared first on Help Net Security.

ENCRYPT Act: Consumer Privacy Vs Law Enforcement Data Access

The Consumer Technology Association (CTA) is supporting the proposed ENCRYPT ACT which forbids the manufacturers of the technology to weaken

ENCRYPT Act: Consumer Privacy Vs Law Enforcement Data Access on Latest Hacking News.

Telefonica Data Breach Exposed Millions Of Consumer Records Online

While some hackers have their work cut out for them looking for their possible victims, some companies provide them with

Telefonica Data Breach Exposed Millions Of Consumer Records Online on Latest Hacking News.

Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities

A new venture fund that will focus on providing capital, strategy, critical resources and unique insights to early-stage cybersecurity companies in Silicon Valley was officially launched last month. Headed by security technologist Dr. Chenxi Wang and with Amena Zhang, a VC with a strong track record of funding successful startups in Asia, as operating partner, Rain Capital has one other goal in mind: to boost funding to companies led by women and minorities. “Two … More

The post Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities appeared first on Help Net Security.

LabCorp System Hacked For Possible Data Breach Of Millions Of Records

Once again, a medical company has suffered a cyber attack with suspicions for a possible data breach. This time, it

LabCorp System Hacked For Possible Data Breach Of Millions Of Records on Latest Hacking News.

26,000 electronic devices are lost on London Transport in one year

Commuters lost over 26,000 electronic devices on London’s Transport for London (TFL) network last year, new research from the think tank Parliament Street has revealed. The findings reveal that 26,272 devices were reported lost on the network of tubes, trains and buses between April 2017 and April 2018. The report contains further security analysis on the risks lost devices pose for fraudulent activity, identity verification and data security for UK businesses. The data revealed that … More

The post 26,000 electronic devices are lost on London Transport in one year appeared first on Help Net Security.

Most executives trust cloud-based systems to keep account payables secure

WEX released the results of a third-party survey to gauge views of the payments-processing ecosystem from chief financial officers and senior financial executives across the globe. The survey of more than 900 CFOs and senior financial executives from the U.S., Europe and Asia/Oceania revealed that strong faith in the cloud prevails in this group. Large majorities of surveyed executives (the lowest is Asia, with 76 percent) trust cloud-based systems more than locally hosted ERP/AP systems … More

The post Most executives trust cloud-based systems to keep account payables secure appeared first on Help Net Security.

Official Certifications: Generating Trust and Making Us Stand Out

Markets have a well-established life cycle.  So much so that their level of maturity determines not only the level of competition that we can expect, but also the very nature of the demands that clients can make.

And the fact is that, despite its relative youth, the cybersecurity market is extremely mature: The competition is fierce but the solutions, services, and the technology on offer are very similar, especially when it comes to traditional protection models, where there is a notable commoditization.

Nevertheless, the evolution and professionalization of cyberattacks is reaching unprecedented levels. We see over 285,000 new malware samples every day. Hacking is evolving towards new malwareless strategies that in fact already make up 49% of the cases in the world. There are new trends based on leaking and kidnapping confidential information, and government sponsored advanced attacks are ever more common.

The maturity of the market, the pressure from the competition, and the demands made by cyberthreats all mean that clients are calling for a response that is more and more perfect – a truly reliable solution.

A new vision breaks onto the market

With such a standardized market and such similar competition, cybersecurity providers are compelled to make themselves really stand out.  But with this market approach and such a threatening security context, it is not enough to do things the same way they’ve always been done. For clients, it’s not enough to simply get all kinds of tools to cover up any possible security gaps.

Efforts must be focused on what is really important.  And the endpoint is where people’s, companies’, and governments’ critical information is stored and processed.  Work stations and servers must, therefore, be defended. Everything that happens within the corporate network must be controlled, and every effort must be made to reduce the attack surface to the absolute minimum.

Panda met the needs of its clients and of the market in general over the last 6 years in order to design a visionary strategy that the rest of the industry is working to adapt to today.  At that moment, Panda started to differentiate itself by evolving its strategies, reinforcing its development teams, and reinventing cyber-defense models to guarantee the maximum level of protection that had ever been seen.

A disruptive model based on monitoring, registering and classifying absolutely every active process on every computer on the corporate network. This is how Panda Adaptive Defense was born. A cybersecurity suite that incorporates Endpoint Protection and Endpoint Detection & Response (EDR) with 100% Attestation and Threat Hunting & Investigation services.  This combination of solutions and services provides a detailed overview of all activities on every endpoint, total control of running processes, and reduction of the attack surface.

Certification of the model

Finally, this evolution is being rewarded by the market, with an exponential growth in sales and market share; by analysts, with their express recognition and positioning on comparison tests; and even by public institutions, with the numerous official certifications that the company is receiving.

These endorsements certify calibrated guarantees of security, high performance standards and, above all, absolute trust in the capacity, functionalities, and capabilities of Panda Security’s solutions.

In this light, Panda Security has emerged as the leading European manufacturer of EDR systems, with fully European technology, solutions, cloud platform, shareholders, and headquarters.

This makes Panda Adaptive Defense the only solution with the certification “Common Criteria EAL-2”; the Centro Criptológico Nacional (National Cryptology Center) “Qualified IT Security Product” qualification; and the “High ENS (National Security Framework)” classification.

As such, Panda and its solutions are completely aligned with the European Parliament’s proposals that were approved in motion A8-0189/2018, placing them as the ideal candidates to enter the plan for a European Cybersecurity Certification, that was approved yesterday by the European Parliament.

Who says this?

The Centro Criptológico Nacional (National Cryptology Center, CCN) is the body responsible for coordinating the action of the various Government agencies that use encryption methods and procedures, guaranteeing the security of information technology in that area, reporting on coordinated acquisition of cryptological material, and training government staff who are specialized in this field.

Gartner is the leading consultancy company when it comes to questions such as: what technological trends are making a difference? Or, which of the different manufacturers’ products or solutions is at the forefront? This is why their Magic Quadrant is considered to be one of the essential analyses of the sector, and in it Panda Security is recognized as a visionary on the chart for Endpoint Protection Platforms.

AV-Comparatives is an independent laboratory that tests and evaluates antivirus software, regularly publishing graphs and reports on the manufacturers that participate in its tests. Over the course of 2017, Panda Security achieved maximum levels of protection in the organization’s Real-World Protection Test, leading it to take home that year’s Gold Award for this test.

The post Official Certifications: Generating Trust and Making Us Stand Out appeared first on Panda Security Mediacenter.

Walmart Patents Their Own Eavesdropping Technology To Monitor Staff Performance

Amidst the ongoing ‘tech-run’ by corporate giants to surpass one another, Walmart takes a step ahead. Reportedly, Walmart wins a

Walmart Patents Their Own Eavesdropping Technology To Monitor Staff Performance on Latest Hacking News.

Only 20% of companies have fully completed their GDPR implementations

Key findings from a survey conducted by Dimensional Research highlight that only 20% of companies surveyed believe they are GDPR compliant, while 53% are in the implementation phase and 27% have not yet started their implementation. EU (excluding UK) companies are further along, with 27% reporting they are compliant, versus 12% in the U.S. and 21% in the UK. While many companies have significant work to do, 74% expect to be compliant by the end … More

The post Only 20% of companies have fully completed their GDPR implementations appeared first on Help Net Security.

86% of enterprises have adopted a multi-cloud strategy

Based on a global survey of 727 cloud technology decision makers at businesses with more than 1,000 employees, Forrester Consulting found how shifting business priorities are driving enterprises to adopt multi-cloud strategies. According to the study, a vast majority (86 percent) of respondents describe their current cloud strategy as multi-cloud, with performance and innovation rising above cost savings as the top measures of success. In addition, 60 percent of enterprises are now moving or have … More

The post 86% of enterprises have adopted a multi-cloud strategy appeared first on Help Net Security.

Week in review: The OT/ICS landscape for cyber professionals, putting the Sec into DevSecOps

Here’s an overview of some of last week’s most interesting news:

How to allocate budget for a well-rounded cybersecurity portfolio
What should a well-rounded cybersecurity portfolio look like?

Android devices with pre-installed malware sold in developing markets
New low-end Android smartphone devices being sold to consumers in developing markets, many of whom are coming online for the first time, contain pre-installed malware, according to Upstream.

An overview of the OT/ICS landscape for cyber professionals
Most … More

The post Week in review: The OT/ICS landscape for cyber professionals, putting the Sec into DevSecOps appeared first on Help Net Security.

League of Legends Philippines Attacked By CoinHive Monero Mining Malware

Cryptocurrency mining malware attacks are becoming increasingly common. Malware provides an easy way for the hackers to mine crypto without

League of Legends Philippines Attacked By CoinHive Monero Mining Malware on Latest Hacking News.

Apple Released Bug Fixes In iOS 11.4.1 Along With A New iOS Security Vulnerability

Apple has tried to make every possible feature to restrict unwanted access to their iPhones. The USB restricted mode is

Apple Released Bug Fixes In iOS 11.4.1 Along With A New iOS Security Vulnerability on Latest Hacking News.

Chrome users get Site Isolation by default to ward off Spectre attacks

Site Isolation, the optional security feature added to Chrome 63 late last year to serve as protection against Spectre information disclosure attacks, has been enabled by default for all desktop Chrome users who upgraded to Chrome 67.

How Site Isolation mitigates risk of Spectre attacks

“In January, Google Project Zero disclosed a set of speculative execution side-channel attacks that became publicly known as Spectre and Meltdown. An additional variant of Spectre was disclosed in May. … More

The post Chrome users get Site Isolation by default to ward off Spectre attacks appeared first on Help Net Security.

Gargoyle: Innovative solution for preventing insider attacks

A group of researchers from UNSW Sydney, Macquarie University, and Purdue University has released a paper on a new and very promising network-based solution for preventing insider attacks. Dubbed Gargoyle, the solution:

Evaluates the trustworthiness of an access request context through a set of Network Context Attributes (NCAs) that are extracted from the network traffic
Leverages the capabilities of Software-Defined Network (SDN) for both policy enforcement and implementation
Takes advantage of the network controller for … More

The post Gargoyle: Innovative solution for preventing insider attacks appeared first on Help Net Security.

Want to avoid GDPR fines? Adjust your IT procurement methods

Gartner said many organizations are still not compliant with GDPR legislation even though it has been in force since May 2018. This is because they have not properly audited data handling within their supplier relationships. Sourcing and vendor management (SVM) leaders should, therefore, review all IT contracts to minimise potential financial and reputation risks. “SVM leaders are the first line of defense for organizations whose partners and suppliers process the data of EU residents on … More

The post Want to avoid GDPR fines? Adjust your IT procurement methods appeared first on Help Net Security.

IoT security spend to reach $6 billion by 2023

A new study from Juniper Research found that spending on IoT cybersecurity solutions is set to reach over $6 billion globally by 2023. It highlighted rapid growth, with spending by product and service providers (in consumer markets) and end-customers (in industrial and public services markets) to rise nearly 300% over the forecast period.

Marked differences across markets

Juniper claimed that there are major differences in the way in which IoT business risk is perceived and … More

The post IoT security spend to reach $6 billion by 2023 appeared first on Help Net Security.

42% of organizations globally hit by cryptomining attacks

Cybercriminals are aggressively targeting organizations using cryptomining malware to develop illegal revenue streams, according to Check Point. Meanwhile, cloud infrastructures appear to be the growing target among threat actors.

Most prevalent malware globally

Between January and June 2018, the number of organizations impacted by cryptomining malware doubled to 42%, compared to 20.5% in the second half of 2017. Cryptomining malware enables cybercriminals to hijack the victim’s CPU or GPU power and existing resources to mine … More

The post 42% of organizations globally hit by cryptomining attacks appeared first on Help Net Security.

PayPal tells deceased woman that her death violated its rules

PayPal forced to apologize after informing the customer that her death ‘breached its rules’

In a sheer case of no empathy, PayPal, a U.S. based worldwide online payments system, sent a payment notice to a woman who had passed away due to cancer, claiming that her death “breached its rules” and she must pay up immediately. In a Facebook post, the deceased’s husband slammed PayPal for sending the letter after his wife’s death and showing no sympathy.

Lindsay Durdle, a U.K. resident aged 37, died of breast cancer on May 31. Her husband, Howard Durdle, forwarded the death certificate, her will and his ID, as requested by PayPal, to close Mrs. Durdle’s account. However, in spite of informing PayPal about Mrs. Durdle’s death and submitting all the necessary documents, Mr. Durdle received a warning letter addressed to his wife from PayPal at his residence in Bucklebury, West Berkshire three weeks later, which was headlined: “Important: You should read this notice carefully.”

The warning letter stated that Mrs. Durdle owed the company £3,200 and went on to say: “You are in breach of condition 15.4(c) of your agreement with PayPal Credit as we have received notice that you are deceased… this breach is not capable of remedy.”

In other words, PayPal had sent a threatening letter to Mrs. Durdle stating that her death was a breach of her agreement with PayPal Credit, and warning her of further actions, including termination of her agreement and legal proceedings.

“What empathy-lacking machine sent this?” Mr. Durdle asked in his post.

PayPal gave three possible explanations for this unfortunate event: a bug, a bad letter template or human error, Mr. Durdle told the BBC. PayPal issued an apology to Mr. Durdle and promised him that they would find the cause of the insensitive letter and address the problem. However, the company would not be able to share the information because it was an “internal matter”.

“We apologize unreservedly to Mr. Durdle for the understandable distress this letter has caused. As soon as we became aware of this mistake, we contacted Mr. Durdle directly to offer our support, cleared the outstanding debt and closed down his wife’s account as he requested. We are urgently reviewing our internal processes to ensure this does not happen again,” a spokesman for the online payments service said in a statement to the BBC. Meanwhile, the company also wrote off any outstanding debt against Mrs. Durdle’s account.

Mr. Durdle, who is a member of the charity group Widowed and Young, said, “I’m in a reasonable place at the moment – I’ve got quite a level head on my shoulders – and am quite capable of dealing with paperwork like this.”

He wants the letter to serve as an example to organizations of how upsetting automated letters can be and the damage they can cause the recently bereaved. His priority is to ensure that other bereaved families don’t have to go through the same treatment, not just from PayPal but from anyone.

“I’m a member of the charity Widowed and Young, and I’ve seen first-hand in there how a letter like this or something like it can completely derail somebody. If I’m going to make any fuss about this at all, it’s to make sure that PayPal, or any other organization that might do this kind of insensitive thing, recognise the damage they can cause the recently bereaved,” he added.

The post PayPal tells deceased woman that her death violated its rules appeared first on TechWorm.

Hola VPN Hack Targets MyEtherWallet Users

MyEtherWallet (MEW), a well-known cryptocurrency wallet interface, used Twitter to urge MEW customers who used Hola VPN within the last 24 hours to transfer their funds immediately to a brand new account. They said they received a report that confirms the Hola VPN Chrome extension has been hacked. MEW’s Twitter account stated the attack was logging users’ activity including sensitive information such as usernames and passwords. The details of a currently unknown number of MEW users were exposed to hackers during a five-hour window on July 9th.

Hola VPN said in a blog post that upon learning about the incident, they immediately set up a response team of cybersecurity experts to investigate the incident and prevent it from happening again. They claim they immediately took emergency steps to replace the malicious extension causing the data leak. Regular MEW users were not affected by the data breach as the MEW service was not compromised, and the incident is known to be entirely out of MEW developers’ control. However, the breach certainly casts a shadow on the Israeli VPN service provider.

This is not the first time MEW users have been targeted. Earlier this year hackers managed to snatch more than $300,000 through execution of a sophisticated DNS hijacking attack. Many users lost their funds forever. Services such as MyEtherWallet do not operate like banks – they do not charge transaction fees, they do not offer insurance, and they do not store cryptocurrency. Instead, they provide users with an interface that allows their clients to interact directly with the blockchain. Hugely unregulated and still in its wild west years, blockchain is like a vast, global, decentralized spreadsheet, and users are the only ones responsible for the funds they store on such virtual wallet interfaces.

How to protect yourself?

First and foremost, use common sense and make sure that the sites you are visiting are legitimate. If you are a MEW user, your website needs to be https://www.myetherwallet.com. Even if a single letter in the URL is changed, you are not in the correct place, and you are being phished.

Avoid opening websites that feel sketchy or that you do not trust – clicking on random links you see on social media may end up forwarding you to malicious sites. If you want to access a specific website, open a new tab on your browser and type the correct link manually. Navigating directly to the website decreases the chances of ending up on a phishing website.

Do not use the same password on other websites. One of the worst cybersecurity practices is to use the same password on multiple sites. If you struggle to remember your passwords, use tools that allow you to keep them safe and protected, or write them on a piece of paper. Make sure to change your passwords every three months – sometimes it takes years for companies to announce that they have been hacked.

Lastly, make sure that you have antivirus software installed on all your connected devices, and that you deal with reliable VPN service providers. As in real life, cheap (or free) sometimes ends up costing more. Quality VPNs encrypt your web traffic, do not allow hackers to monitor your online activity and do not let cybercriminals re-route your web traffic to phishing websites. Stay safe!

The post Hola VPN Hack Targets MyEtherWallet Users appeared first on Panda Security Mediacenter.

Security newsround: July 2018

We round up reporting and research from across the web about the latest security news and developments. This month: stress test for infosec leaders, cybercrime by the numbers, financial fine for enabling cyber fraud, third party risk leads to Ticketmaster breach, Privacy Shield in jeopardy, and a win for Wi-Fi as security improves.

Under pressure: stress levels rise for security professionals

Tense, nervous headache? You might be working in information security. A global survey of 1,600 infosec leaders has found that the role is under more stress than ever. Rising malware threats, a shortage of skilled people, and budget constraints are producing a perfect storm of pressure on professionals. The findings come from Trustwave’s 2018 Security Pressures Report. It found that the trend of increasing stress has been edging steadily upwards since its first report five years ago.

Some 54 per cent of respondents experienced more pressure to secure their organisation in 2017 compared to the previous year. More than half (55 per cent) also expect 2018 to bring more pressure than 2017 did. Dark Reading quoted Chris Schueler of Trustwave saying the pressure to perform will push security leaders to improve performance or burn out. SecurityIntelligence led with the angle that the biggest obligation facing security professionals is preventing malware. Help Net Security has a thorough summary of the findings.

There was some good news: fewer professionals reported feeling pressure to buy the latest security tech compared to past years. The full report is available to download here.

CEO fraud scam hits companies hard

CEO fraud, AKA business email compromise, was the internet crime most commonly reported to the FBI during 2017. Victims lost a combined amount of more than $676 million last year, up almost 88 per cent compared to 2016. Total cybercrime-related losses totalled $1.42 billion last year. The data comes from the FBI’s 2017 Internet Crime Report, which it compiles from public complaints to the agency. (No vendor surveys or hype here.)

The next most prominent scams were ransomware, tech support fraud, and extortion, the FBI said. Corporate data breaches rose slightly in number year on year (3,785 in 2017, up from 3,403 in 2016) but the financial hit decreased noticeably ($60.9 million in 2017 vs $95.9 million in 2016). There were broadly similar numbers of fake tech support scams between 2017 and 2016, but criminals almost doubled their money. The trends in the report could help security professionals to evaluate potential risks to their own organisation and staff.

Asset manager’s lax oversight opens door to fraud and a fine

Interesting reading for security and risk professionals in the Central Bank of Ireland’s highly detailed account of a cyber fraud. Governance failings at Appian Asset Management led to it losing €650,000 in client funds to online fraud. Although Appian subsequently replaced the funds in the client’s account, the regulator fined the firm €443,000. A CBI investigation uncovered “significant regulatory breaches and failures” at the firm, which exposed it to the fraud. It’s the first time the Irish regulator has imposed such a sanction for cyber fraud.

The fraud took place over a two-month period, starting in April 2015. The CBI said a fraudster hacked the real client’s webmail account to impersonate them during email correspondence with an Appian employee. The fraudster also used a spoofing technique to mimic that employee’s email address. The criminal intercepted messages from the genuine client and sent replies from the fake employee email to hide traces of the scam.

The press release runs to more than 3,200 words, and also goes into great detail about the gaps in policy and risk management at Appian.

Tales from the script: third-party app flaw leads to Ticketmaster data breach

As growing numbers of websites rely on third-party scripts, it’s vital to check they don’t put sites’ security at risk. That’s one of the lessons from the data breach at Ticketmaster UK. The company discovered malicious code running on its website that was introduced via a customer chat feature. This exposed sensitive data, including payment details, of around 40,000 customers. Anyone who bought a ticket on its site between September 2017 and June 2018 could be at risk, Ticketmaster warned.

On discovering the breach, Ticketmaster disabled the code across all its sites. The company contacted all affected customers, recommending they change their passwords. It published a clearly worded statement to answer consumer questions, and offered free 12-month identity monitoring.

Although this first seemed like good crisis management and proactive breach notification, the story didn’t end there. Inbenta Technologies, which developed the chat feature, weighed in with a statement shifting some blame back towards Ticketmaster. The vulnerability came from a single piece of custom JavaScript code Inbenta had written for Ticketmaster. “Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customised script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability,” Inbenta CEO Jordi Torras said.

Then Monzo, a UK bank, blogged in detail about the steps it took to protect its customers from the fallout. This included the bombshell that Ticketmaster knew about the breach in April, although the news only went public in June. Wired said these developments showed the need to thoroughly investigate potential breaches, and to remember subcontractors when assessing security risks.

Privacy Shield threat puts EU-US data sharing in doubt

US authorities have two months to start complying with Privacy Shield or else MEPs have threatened to suspend it. The EU-US data sharing framework replaced the Safe Harbor framework two years ago. Privacy Shield was supposed to extend the same rights for protecting EU citizens’ data as they have in Europe. In light of the Facebook-Cambridge Analytica scandal (both of which were certified under Privacy Shield), it seems that’s no longer the case.

MEPs consider privacy and data protection as “fundamental rights … that cannot be ‘balanced’ against commercial or political interests”. They voted 303 to 223 in favour of suspending the Privacy Shield agreement unless the US complies with it.

This could have implications for any organisation that uses a cloud service provider in the US. If they are using Privacy Shield as an adequacy decision for that agreement, they may no longer be GDPR-compliant after 1 September. Expect more developments on this over the coming months.

Welcome boost for Wi-Fi security

The Wi-Fi Alliance’s new WPA3 standard promises enhanced security for business and personal wireless networks. It will use a key establishment protocol called Simultaneous Authentication of Equals (SAE) which should prevent offline dictionary-based password cracking attempts. Announcing the standard, the Wi-Fi Alliance said the enterprise version offers “the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance”. Hardware manufacturers including Cisco, Aruba, Broadcom and Aerohive all backed the standard.

Tripwire said WPA3 looks set to improve security for open networks, such as guest or customer networks in coffee shops, airports and hotels. The standard should also prevent passive nearby attackers from being able to monitor communication in the air. The Register said security experts have welcomed the upgrade. It quoted Professor Alan Woodward, a computer scientist at the University of Surrey in England. The new form of authentication, combined with extra strength from longer keys, is “a significant step forward”, he said.

The post Security newsround: July 2018 appeared first on BH Consulting.

Is Article 13 about to ruin the Internet?

European lawmakers were set to vote on changes on the 5th July that will dramatically increase Internet regulation. Perhaps the biggest proposed change is the introduction of Article 13 which is intended to improve copyright protection.

Under the terms of Article 13, any Internet platform that hosts “large amounts” of user-uploaded content is expected to monitor every submission. This means identifying and removing any content that infringes copyright.

Blocking copyright infringement is good…

Content creators – like musicians and filmmakers – rely on their work to provide an income. When people reuse that content, the original creator loses out. Some people would say that it is no different to stealing food from your local supermarket.

Obviously protecting copyright is incredibly important to these people. And it is for their protection that Article 13 has been created.

…but auto-blocking isn’t

According to the latest statistics, 60 hours of videos are uploaded to YouTube every minute. It would be physically impossible to employ people to check each film for copyright infringements (unlicensed clips or background music). Instead, content platform owners like Facebook, Flickr and YouTube will need to develop an automated system to analyse content as it is uploaded.

The problem is that automated systems tend to be pretty poor. YouTube has tried content scanning in the past – Content ID – which was notorious for creating false positives, blocking perfectly legitimate movies in the process.

A more sinister future?

Some Internet experts are concerned about the longer term implications of Article 13, suggesting that the new regulations could be misused. They believe that the law creates a new surveillance framework that could be easily subverted by totalitarian governments to curb free speech.

Internet blackouts and bans on sites that are perceived as anti-government are already a regular occurrence in Turkey, Iran and China. These experiences suggest that the fear of government interference is not entirely unwarranted.

Linking to sites could be expensive

Have you ever shared a link to a news article on your Facebook page? Another update to the regulation – Article 11 – defines a new tax on platforms for linking to news articles. In future, Facebook could be charged because you share a link to a BBC News story.

With millions of pages being shared every day, Facebook will face a huge bill for the activities of their users. In order to protect their profits, Facebook may ban links to news websites, or even charge users for the service.

Decision time

The proposed changes have already passed scrutiny and will be approved (or denied) by MEPs today. Article 13 (and other amendments) will then be written into law and applied by all member states in due course. Importantly, firms based outside the European Union will be expected to adhere to the new regulations.

Unfortunately, it is almost impossible to plan for the new regulation because the European Union has not specified exactly how the link tax or copyright filter will work. Should Articles 11 and 13 become law, the way you use the web may change forever.

The post Is Article 13 about to ruin the Internet? appeared first on Panda Security Mediacenter.

125+ Cybersecurity Companies in Healthcare to Know | 2018

Becker’s Hospital Review, Laura Dyrda, June 25, 2018

Healthcare organizations face an increasing threat from cyber attacks and hospitals are spending big to ensure their patients’ data is protected. In 2017, healthcare spending on IT reached $100 billion and there were around 32,000 intrusion attacks per day on healthcare organizations, according to FortiGuard Labs, as reported by CSO.

Here are more than 125 companies focused on cybersecurity for hospitals, health systems and other healthcare organizations.

Contact Laura Dyrda to recommend a company for this list at ldyrda@beckershealthcare.com and Ryan Ciepley at rciepley@beckershealthcare.com.


Absolute (Vancouver, Canada). Absolute offers near real-time security breach remediation. The company’s Absolute Persistence product, a self-healing endpoint security technology, provides IT personnel control over devices and data. Absolute’s cloud-based visibility allows for remote IT asset management and security for healthcare providers, including support from its healthcare information security and privacy practitioners and ASIS-certified protection professionals.

Agari (San Mateo, Calif.). Agari allows companies to secure themselves and customers from advanced phishing attacks. The Agari Email Trust Platform helps healthcare organizations verify trusted email identities and stop threats of identity deception.

AlienVault (San Mateo, Calif.). AlienVault is the provider of Unified Security Management, a comprehensive approach to security monitoring, and the AlienVault Open Threat Exchange, an open threat intelligence community enabling collaborative defense with community-powered threat data. USM is designed to monitor cloud, hybrid cloud and on-premises environments.

AllClear ID (Austin, Texas). AllClear ID provides breach response and customer identity protection services. The company notifies customers in the event of identity theft and assigns a dedicated investigator to initiate any dispute processes, recover financial losses and restore credit reports to the pre-fraud state.

Arxan (San Francisco). Arxan offers application attack-prevention and self-protection products for the internet of things with mobile and desktop applications. The company aims to protect customers from financial loss, fraudulent transactions, stolen credentials and internet protocol theft. In the healthcare space, Arxan offers protection for embedded apps in medical devices.

Attivo Networks ThreatDefend (Fremont, Calif.). The ThreatDefend Deception and Response Platform is a powerful security control for an active defense, which provides early threat detection and changes the asymmetry against attackers. The Attivo Networks deception solution takes an innovative approach to detection by dynamically setting traps and lures to create a virtual hall of mirrors, altering an attacker’s reality and imposing increased cost as they are forced to decipher what is real versus fake.

Auth0 (Bellevue, Wash.). Auth0 is a HIPAA-compliant service that healthcare organizations can use with their business associates when handling protected healthcare information. The company provides authentication for third-party business associates and ensures all data transfers are HIPAA-compliant. On May 15, the company announced $55 million in series D funding.

Axway (Phoenix). The Axway Amplify Platform is a data and engagement platform that can provide real-time operational intelligence and API lifecycle management. In the healthcare space, the Axway Amplify can help eliminate silos, overcome interoperability challenges, accelerate meaningful use and promote patient engagement with health information.

Barracuda Networks (Campbell, Calif.). Barracuda Networks offers solutions to solve IT problems including content security, networking and application delivery and data storage, protection and disaster recovery. The Barracuda Web Application Firewall provides secure access to patient portals while the Barracuda NextGen Firewall F secures network devices against persistent threats, malware and zero-day exploits.

Barrier1 (Minneapolis). Barrier1’s Real-Time Intelligent Threat Management and the Advanced Analytics Reactive Engine platforms are designed to protect against security breaches. The technology inspects traffic type and dataflow to stop malware and viruses; analyzes the real time data flow; and inspects the network with multiple methods of authentication. The company’s customers include hospitals, clinics and specialty providers with MRI and CT Scans from multiple hospitals and clinics.

Battelle (Columbus, Ohio). Battelle is a nonprofit research and development organization that includes a team of experts devoted to medical device cybersecurity. The team members, led by a certified ethical hacker, hack into medical devices to help manufacturers identify vulnerabilities in the software, mitigate cybersecurity risks and help design new products.

Bayshore Networks (Bethesda, Md.). Bayshore offers solutions for a variety of cyber initiatives, including industrial asset visibility, cybersecurity protection and managed remote access. The company aims to help clients eliminate cyber threats and risks while preparing to achieve industrial internet of things maturity. In March, Bayshore announced a global engineering expansion with plans to open two new engineering centers of excellence in 2018.

BeyondTrust (Phoenix). BeyondTrust delivers cybersecurity solutions designed to reduce risks and act against internal and external data breach threats. The company offers an integrated risk intelligence platform to identify critical risks and provide information for the company. In the healthcare space, BeyondTrust’s PowerBroker privileged account management solution enforces best practices; its Retina vulnerability management solution allows the healthcare IT security team to identify exposure, analyze the business impact and conduct remediation.

BIO-key (Wall Township, N.J.). BIO-key offers biometric software and hardware solutions to strengthen user authentication. The company’s products include finger scanning devices for authentication in addition to passwords, PINs, tokens and cards for customers to secure their devices.

Bitglass (Campbell, Calif.). The Bitglass Cloud Access Security Broker solution enables organizations to ensure security and regulatory compliance when using cloud apps. Founded in 2013, the company aims to protect corporate data on managed and unmanaged devices. Bitglass’ platform can help healthcare professionals with multiple hospital affiliations access files on any device and maintain visibility and control of their data. In April, Bitglass partnered with Cylance to provide protection across cloud and mobile devices.

BlueCat (Grapevine, Texas). BlueCat centralizes and automates domain name server services so organizations can leverage the DNS data for increased visibility, control and compliance. The company takes a software-centric approach to information security and promotes interoperability to manage complex network structures. In the healthcare arena, BlueCat allows organizations to centrally manage and track wired and wireless networks and devices.

Bradford Networks (Boston). Bradford Networks’ network entry solution is designed to continuously assess risks of all users and endpoints. The technology integrates with existing endpoint security, firewall and threat detection solutions through the SmartEdge Platform.

Bromium (Cupertino, Calif.). Bromium focuses on the global enterprise security market and its Bromium Secure Platform protects against all advanced malware. The company’s solution can secure patient data and minimize breaches across the healthcare industry.

CA Technologies (New York City). CA Technologies works with healthcare organizations on digital transformation initiatives to prevent cybersecurity attacks while still providing streamlined access to authorized employees and partners. The company has worked with BlueCross BlueShield of Tennessee, Englewood, Colo.-based Catholic Health Initiatives and GlaxoSmithKline Vaccines in the healthcare space.

Centripetal (Herndon, Va.). Centripetal’s core networking technologies are designed to simplify cyber intelligence collection and management to stop unwanted network traffic. The company’s QuickThreat Gateway combines proprietary software and hardware to detect and enforce 5 million threat indicators. In 2017, Centripetal was named a Gartner “Cool Vendor” in security.

CipherCloud (San Jose, Calif.). CipherCloud’s comprehensive multicloud security platform integrates advanced data protection, adaptive policy controls, monitoring and cloud risk analysis to secure organizations in financial services, insurance and healthcare industries, among others. CipherCloud works with healthcare organizations, pharmaceutical companies and insurance providers to safeguard private health information while maintaining HIPAA compliance.

Citrix (Fort Lauderdale, Fla.). Citrix provides a secure digital workspace to unify apps, data and services necessary for productive organizations while allowing IT personnel to manage complex cloud environments. The workspace as a service company developed a platform for enterprise file synchronization and sharing with users across all business segments. The Citrix Windows apps solution allows healthcare organizations to securely deliver apps to diverse mobile devices including tablets and smartphones. The company’s Enterprise Mobility Management Technologies provides security for bring-your-own-device environments.

Clearwater Compliance (Nashville, Tenn.). The American Hospital Association endorsed Clearwater Compliance as a leading provider of hospital and health system compliance and cybersecurity management solutions. The company has implemented systems in hundreds of hospitals and health systems, Fortune 100 organizations and the federal government. In January, Clearwater Compliance raised capital through an investment from Altaris Capital Partners.

Coalfire (Westminster, Colo.). Coalfire is the cybersecurity advisor that helps covered entities and business associates avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, compliance assessments, technical testing and cyber engineering services, the company secures health data throughout the care continuum. Coalfire is one of the original HITRUST CSF assessor firms with the experience required to efficiently manage successful certifications.

Code42 (Minneapolis). Code42 is a software as a service solution designed to back up distributed end-user data on a secure platform. The company’s software can protect files across Mac, Windows and Linux laptops and desktops automatically to limit risks and meet data privacy regulations.

Comodo (Clifton, N.J.). Comodo has more than 100 million installations of its security product in healthcare as well as other industries. Comodo’s technology authenticates, validates and secures networks and infrastructures around the world, designed to solve advanced malware threats, both known and unknown.

CORL Technologies (Atlanta). Founded in 2012, CORL Technologies provides vendor security risk management solutions as part of the vendor risk management program. The program allows healthcare organizations to monitor vendor risk, ease compliance audits and improve executive-level communications and risk analytics reporting.

Cryptzone (Waltham, Mass.). Cryptzone focuses on identity-centric security solutions to protect information from internal and external threats. The company uses a software-defined perimeter model to protect applications and content from threats, which can also streamline operations and lower costs. In the healthcare space, Cryptzone’s network, application and content solutions are designed to encrypt data, restrict access to private information and share documents in a HIPAA-compliant way.

Cybereason (Boston). Cybereason’s platform can identify a single component of an attack and connect it to other information in the system to shut down the attacker’s entire campaign. The platform is designed to quickly build the complex attack story and simplify the resolution process.

Cylance (Irvine, Calif.). Cylance is an artificial intelligence-driven endpoint detection and response solution designed to predict and prevent cyberattacks. The company’s products are designed to secure the entire healthcare infrastructure, working across Microsoft Windows and Mac OS X to integrate with existing security information and event management platforms.

Cymmetria (Palo Alto, Calif.). Cymmetria develops comprehensive cyber deception solutions based on breadcrumbs and decoys to lead attackers away from targets. Founded in 2014, the company aims to change the asymmetry of cybersecurity to reduce the odds that hackers are left with vulnerable information.

CynergisTek (Austin, Texas). CynergisTek is a cybersecurity and privacy consulting firm. The company helps organizations assess privacy and security risk programs with regulatory requirements as well as develop best practices for risk management. CynergisTek was named Best in KLAS for Cyber Security Advisory Services in 2017.

DarkOwl (Denver). DarkOwl is an information security company specializing in darknet (or “dark web”) intelligence. Founded in 2009, DarkOwl has built the world’s largest commercially available database of darknet content. Its database allows clients to search the darknet without accessing it directly, which is both difficult and dangerous. The darknet platform also allows clients to passively monitor the darknet for their sensitive information, enabling near real-time awareness of any potentially breached information.

Dataguise (Fremont, Calif.). Dataguise provides a solution for global data governance, allowing organizations to detect, protect and monitor sensitive data in real time on the premises and in the cloud. Healthcare organizations can use the company’s Hadoop product to streamline and analyze billing data to reduce costs and fraud incidents; digitize patient records; and incorporate sensor and internet of things health monitoring data.

DataMotion Health (Florham Park, N.J.). DataMotion Health enables providers to communicate more efficiently across the care continuum. DataMotion provides secure messaging and connectivity solutions to exchange protected health information for clinical use and to deliver improved care at reduced costs.

DB Networks (San Diego). DB Networks aims to protect databases from insider threats and cyberattacks. Founded in 2009, the company launched the first signatureless database cybersecurity product in 2013 and has received a patent for its approach to database protocol information extraction. Last year, the company launched its first artificial intelligence-based agentless database activity monitoring to protect against cyberattacks.

Digital Defense (San Antonio). Digital Defense’s Frontline Vulnerability Manager is a service platform designed to scan for vulnerabilities and provide penetration testing for organizations. The company’s Frontline Social Testing promotes security-minded behaviors among employees. Overall, the company aims to safeguard data and ease burdens associated with maintaining information security.

DomainTools (Seattle). DomainTools examines network indicators and connects them with other active domains to develop risk assessments, identify attackers, assist in fraud investigations and map cybersecurity activity to attacker infrastructure. The company works with U.S. government agencies and contracts in addition to companies in the financial and healthcare space.

Duo Security (Ann Arbor, Mich.). Duo Security aims to secure organizations that operate in the cloud and manage a bring-your-own-device environment. Duo is a software as a service company that orchestrates two-factor authentication to help healthcare organizations maintain and share information in a HIPAA-compliant fashion. In May, the company launched a cybersecurity website called Decipher.

eSentire (Cambridge, Ontario). eSentire is a pure-play managed detection and response service provider that protects organizations from the constantly evolving cyberattacks technology alone can’t prevent. The company provides a 24-7 security operations center staffed by analysts to investigate and respond to threats in real time.

ESET (Bratislava, Slovakia). ESET was founded as an antivirus protection company and has expanded to include security solutions for customers in more than 200 countries. ESET’s solution for healthcare companies protects against data breaches and can be deployed across multiple operating systems and endpoints.

EnSilo (San Francisco). EnSilo provides a comprehensive endpoint security platform to automatically respond to and eliminate complex security issues. The system also provides post-attack protection to avoid data theft or ransom. For healthcare organizations, the company’s real-time endpoint security platform protects sensitive data in compliance with HIPAA standards.

Exabeam (San Mateo, Calif.). The Exabeam Security Intelligence Platform provides security intelligence and management solutions. Exabeam’s platform can detect and respond to insider threats, track behavior analytics, protect against data loss, conduct breach investigations and report on data security compliance. The company earned SC Magazine’s 2017 Best Emerging Technology award and was a finalist in the Cybersecurity Excellence Awards in 2017 for security analytics and threat hunting categories.

FireMon (Overland Park, Kan.). FireMon’s Security Management Platform seeks to improve security while reducing operational costs through analytics, simulation and automation. The company focuses on protecting cloud-bound enterprises with next-generation security intelligence.

Flexera Software (Itasca, Ill.). Flexera Software aims to help enterprises and application producers increase application usage and security. The company has more than 80,000 customers in a variety of industries. Flexera’s FlexNet Producer Suite is designed for intelligent device manufacturers as an end-to-end solution for software licensing, entitlement management and device lifecycle management.

ForeScout (Cupertino, Calif.). ForeScout’s approach to security protects organizations against emerging threats with the ForeScout CounterACT. The company’s technology assesses, remediates and monitors devices continuously and works with disparate security tools to accelerate incident response. More than 2,400 customers in 60 countries use ForeScout technology for network security and compliance. Healthcare organizations use the technology to secure agentless medical devices and mobile computing against cyberattacks.

ForgeRock (San Francisco). ForgeRock is a digital identity management company that works with organizations to adopt the ForgeRock Identity Platform. The platform allows healthcare providers to create secure digital identities for patients and collects data from apps, wearables and digital health and wellness services. In May, the company joined Philips, Qualcomm Life and others on a collaborative effort to enhance data from medical devices under the name OpenMedReady.

General Dynamics IT (Fairfax, Va.). General Dynamics IT’s cybersecurity operations provide service support to select the best security systems, develop data protection policies and monitor their networks. The company provides cybersecurity for the Department of Defense, local and state governments and select commercial customers. The company provides its full security services in the General Dynamics Health Solutions package to secure hospitals’ systems and protect information.

GigaTrust (Herndon, Va.). Founded in 2000, GigaTrust provides security software to protect emails and attachments, documents, administrative oversight and compliance tools. The company provides a software as a service secure document rendering experience inside and outside of an enterprise’s network.

Globalscape (San Antonio). Globalscape was founded in 1996 and since then has grown to provide information exchange software and services to more than 13,000 customers in more than 150 countries. The company focuses on providing secure data transfer through its managed file transfer platform for on-premises, cloud or hybrid deployments. Globalscape also offers electronic funds transfer for healthcare organizations including secure and compliant data management, data integration, automation management, workflow management and real-time activity monitoring and tracking.

GreyCastle Security (Troy, N.Y.). GreyCastle Security is a risk management company with cybersecurity capabilities. The company provides a team of cybersecurity experts, a client portal to view cybersecurity efforts, custom security roadmaps, an incident response team and an account manager to maximize the cybersecurity program. The company also provides HIPAA risk assessments, 24/7 breach and incident response, HIPAA security training and policy development. In June, GreyCastle Security acquired EagleDream Technology’s cybersecurity division, adding to the company’s footprint in Rochester, N.Y., where 10 of the company’s 75 experts are located.

GuardiCore (San Francisco). GuardiCore focuses on data center innovation and cloud security to deliver accurate and effective solutions to stop advanced threats. The company’s real-time breach detection and response software was developed by cybersecurity experts to fight attacks in an organization’s data center.

Gurucul (Segundo, Calif.). Companies around the globe use Gurucul technology to detect insider threats, cyber fraud, internet protocol theft and external attacks. The company’s technology includes user behavior analytics and identity access intelligence that includes machine learning anomaly detection and predictive risk-scoring algorithms to prevent unnecessary access and breaches.

Haystack Informatics (Philadelphia). Haystack Informatics was founded out of the Children’s Hospital of Philadelphia to provide solutions for monitoring patient privacy. Haystack professionals analyze interactions between hospital staff and patients to identify privacy violations and security risks. The team uses multiple detection engines to identify inappropriate behavior and reinforces employee training in privacy matters.

HID Global (Austin, Texas). HID Global provides identity security solutions to governments and hospitals as well as educational and financial institutions. The company provides information security solutions to hospitals, mobile device use, visitor management and HIPAA-compliant medical record security and also gives suppliers secure access to the appropriate data.

HITRUST Alliance (Frisco, Texas). HITRUST Alliance is a nonprofit organization leading advocacy efforts and educational support to safeguard healthcare information and manage risk. HITRUST was founded in 2007 to protect health information systems and exchanges, providing access to common risk and compliance management, de-identification frameworks and related assessment and assurance methodologies.

Hortonworks (Santa Clara, Calif.). Hortonworks creates and supports enterprise-ready open data platforms and modern data applications. Founded in 2011, the company provides services to Oracle, Microsoft and Red Hat, a multinational software company.

Interset (Ottawa, Ontario). Interset’s platform can correlate multiple data classes and link security events to users, machines, applications and files to identify threats and remove false positives. The technology is designed to stop sensitive data theft. Interset has partnered with Toledo, Ohio-based Promedica; Huntington, W.Va.-based Valley Health System; and San Francisco-based Dignity Health, among other healthcare providers.

Ixia (Calabasas, Calif.). Ixia was founded in May 1997 to provide testing, visibility and security solutions for governments, service providers and network equipment manufacturers. The company helps customers manage IT and protect against security threats with technologies for mobile devices, cloud security, internet of things management and improved network visibility.

Liberty Investigation Forensic and Response Services (New York City). LIFARS is a global digital forensics and cybersecurity intelligence firm that provides cybersecurity solutions. The company conducts digital forensic investigations, incident response services, web application security testing, digital risk assessments and academic research to optimize an organization’s digital infrastructure.

LookingGlass Cyber Solutions (Reston, Va.). LookingGlass Cyber Solutions protects global enterprises and government agencies against cyberattacks. The company provides healthcare organizations with a team of analysts through its Threat Intelligence Analysis and Management system to identify potential security threats, analyze multiple threat factors and indicators as well as develop a plan to mitigate threats in real time.

MedCrypt (Encinitas, Calif.). MedCrypt provides application programming interfaces to encrypt data sent from devices and allows customers to assign unique keys to every actor in the system and monitor what devices are doing remotely in real time. After installation in the device, MedCrypt Nodes communicates with the company’s centralized transaction monitoring service to look for anomalous behavior. In March 2018, MedCrypt won the HIMSS Venture Connect startup prize.

Meditology Services (Atlanta). Meditology Services provides consulting and management advisory to large hospitals and healthcare organizations across the country. Meditology’s experts in IT risk management and healthcare IT consulting focus on assessing and developing security and compliance programs.

Menlo Security (Palo Alto, Calif.). Menlo Security’s Isolation Platform contains and eliminates malware while giving a completely native experience. The company’s platform uses the isolation model to ensure malware doesn’t reach the endpoint to access patient data at hospitals, allowing administrators to expand internet capabilities without risking data security issues.

Microsoft (Redmond, Wash.). Microsoft invests more than $1 billion in security research and development each year and created the Microsoft Enterprise Cyber Security Group to develop solutions for Microsoft customers. The company opened its Cyber Defense Operations Center in 2015 and works with healthcare organizations’ C-suites to support a culture of cybersecurity.

MicroStrategy (Washington, D.C.). MicroStrategy provides enterprise analytics and mobility software to clients worldwide. Healthcare organizations use MicroStrategy’s enterprise solution to boost operational efficiency, expand businesses and improve the quality of care and patient experience. The company’s healthcare solutions focus on supply chain management, revenue cycle optimization, hospital operations, population health management and claims analysis.

Mimecast (Watertown, Mass.). Mimecast makes business email and data safer for customers worldwide. Founded in 2003, the company’s next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management. With Mimecast, healthcare organizations can respond to industry risks by safeguarding protected health information, preventing advanced attacks like ransomware, archiving email and keeping employees connected during a mail server outage. Mimecast also met healthcare privacy regulations by completing a HIPAA security compliance assessment.

NCC Group (Manchester, United Kingdom). Formed in 1999, NCC Group provides expertise in cybersecurity and risk mitigation. The company has more than 35 offices and 15,000 clients worldwide, providing a variety of services including internet of things consultancy.

NetScout (Westford, Mass.). NetScout’s Adaptive Service Intelligence optimizes a hospital’s analytics platforms to identify signs of outages in the hospital’s network before they occur to diagnose and repair the issues quickly. The technology could prevent issues with a surgical robot powering down in the middle of surgery or video screens going dark during a procedure.

Netskope (Los Altos, Calif.). Netskope has a patented cloud-scale security platform designed to provide governance of all cloud usage while allowing real-time access to updates from the corporate network, remotely or from mobile apps. The company works with Oakland, Calif.-based Kaiser Permanente among other healthcare clients to protect against threats in the cloud and detect unusual data movement or activity.

Netwrix (Irvine, Calif.). Netwrix Auditor, a visibility platform for data security and risk management, provides clients with security analytics to detect anomalies in user behavior and investigate threat patterns. The Netwrix Auditor’s solutions are HIPAA compliant.

Nexthink (Switzerland). Nexthink’s Nexthinker is designed to help organizations reduce health information breach incidents and improve security and compliance. In the healthcare space, Nexthink helps institutions secure protected health information, ensures HIPAA compliance, reduces risk for HITECH penalties and facilitates bring-your-own-device adoption for physicians and clinicians.

NTT Security (Ismaning, Germany). NTT Security offers security, risk and compliance services to help organizations meet immediate challenges in data security. The company’s technology solutions team works alongside consulting services to give advice on the appropriate solutions for risk management.

Okta (San Francisco). Okta’s IT products use identity information to grant access to applications on any device at any time while enforcing strong security protections. The platform connects companies to customers and partners securely. Okta works with CMS, New York City-based Mount Sinai Health System and Nashville, Tenn.-based Envision Healthcare, among other healthcare customers, to provide adaptive multifactor authentication and HIPAA-compliant cloud identity solutions.

OneSpan (Oakbrook Terrace, Ill.). With more than 10,000 customers in 100 countries, OneSpan, formerly VASCO, provides security access to online information with two-factor authentication, transaction data signing, e-signature and identity management solutions. In the healthcare space, the company can secure protected health information in EHRs, protect electronic prescriptions and safeguard against unauthorized manipulation of mHealth apps.

OPSWAT (San Francisco). OPSWAT focuses on technologies to protect clients against cyberattacks. The company’s solutions secure and manage IT infrastructure by scanning for known threats with anti-malware engines and sanitizing documents to prevent unknown threats.

Oracle Dyn Web Application Security (San Francisco). Formerly Zenedge, Oracle Dyn Web Application Security Services provides security professionals with the tools and expertise needed to defend websites, systems and applications from cybersecurity threats. The company uses adaptive machine learning and automation to combat cyberattacks proactively. The application’s suite includes a bot manager, malware protection and application program interface protection.

Osirium (Theale, United Kingdom). Osirium’s software development team aims to fill the virtual air gap for privileged account access. The company was founded in 2008 and focuses on cybersecurity and hybrid-cloud automation technology as well as privileged protection and task-automated solutions.

Ostendio (Arlington, Va.). Ostendio serves primarily healthcare clients, including WellDoc, the American College of Cardiology and Higi. The company’s MyVCM Cybersecurity and Information Management platform uses behavioral analytics to drive employee and vendor engagement. Ostendio’s solution manages all aspects of security and allows organizations to report their security profile to internal and external stakeholders.

PhishLabs (Charleston, S.C.). PhishLabs is a 24/7 service that protects organizations against cyberattacks targeting employees or customers. Founded in 2008, the company provides a full range of services to detect attacks, identify attack operations and mitigate underlying infrastructure to stop the threat. The company also provides services and training specific to protecting patient and healthcare provider information. In May, PhishLabs merged with BrandProtect, a threat intelligence and mitigation solutions provider.

Praetorian (Austin, Texas). Praetorian’s solutions aim to identify and solve cybersecurity problems enterprisewide. The company’s technical engineers and developers offer security expertise to minimize risk across digital assets. Praetorian offers corporate and product security solutions unified through its software platform. In the healthcare space, the company works with medical device manufacturers to identify and address vulnerabilities.

Prevalent Networks (Warren, N.J.). Prevalent Networks focuses on risk management through a product suite focused on automated vendor risk assessment, continuous vendor threat monitoring and vertical vendor networks. Healthcare organizations can use Prevalent Vendor Risk Management to better manage and monitor third- and fourth-party business associate risks.

PriorityOne Group (Rutherford, N.J.). PriorityOne Group manages, implements and provides integrated IT services to healthcare organizations in and around Bergen County, N.J. The company focuses on guiding providers, including ASCs, through HIPAA compliance, product integration and technology acquisition.

Proficio (Carlsbad, Calif.). Proficio provides always-on cybersecurity protection and services to help customers detect and respond to or prevent security breaches. For healthcare industry clients, the company provides round-the-clock managed security services to protect confidential patient information and maintain HIPAA compliance.

Promisec (Boston). Promisec is an endpoint system, software asset management and compliance company that aims to help organizations avoid cyberthreats and attacks that lead to data breaches. The company’s technology provides secure endpoints and clean audits to meet regulatory compliance standards.

Protegrity (Stamford, Conn.). Protegrity aims to develop solutions to protect data throughout its lifecycle without disrupting workflow. The company can provide security across big data clusters, cloud environments, databases and mainframes. The Protegrity data security platform can protect sensitive healthcare data through tokenization and encryption technologies.

Prot-On (Spain). Prot-On provides a solution to protect files, decide who has access to files and track file activity. Healthcare organizations use Prot-On to securely store and communicate patient and prescription information as well as share health records with patients.

Protenus (Baltimore). Protenus’ platform proactively monitors and protects patient privacy in EHRs. The company’s technology uses artificial intelligence to understand how the workforce accessed patient records in the EHR.

Pulse Secure (San Jose, Calif.). Pulse Secure provides secure access solutions to enterprises and service providers. The company’s virtual private network, network access control and mobile security products are designed for data security. In the healthcare space, Pulse Secure provides medical-grade network visibility and control solutions to support a bring-your-own-device environment and can ensure security for the internet of things.

Risk Based Security (Richmond, Va.). Risk Based Security focuses on risk identification and security management tools to protect a variety of clients, including drug companies and healthcare providers. Founded in 2011, the company offers a full set of analytics and dashboards designed to identify security risks by industry. The company provides several HIPAA- and HITECH-compliant solutions for protecting patient data.

RiskIQ (San Francisco). RiskIQ focuses on digital threat management, offering the RiskIQ Community Edition giving security analysts free access to the company’s solutions within a collaborative online environment. RiskIQ provides a comprehensive digital threat management platform for healthcare providers to audit, discover, monitor, investigate and mitigate threats.

RiskSense (Albuquerque, N.M.). RiskSense focuses on reducing cyberattacks and security risks. Cybersecurity practitioners founded the company as a spin-off of New Mexico Institute of Mining and Technology in Socorro, which originally conducted research as a service project. Since then, the company has developed to advise the Department of Defense and intelligence community and create the RiskSense platform. The company also partners with healthcare organizations that have limited resources to protect against cyberattacks.

Rogue Wave Software (Boulder, Colo.). Founded in 1989, Rogue Wave has grown into a global company focused on cross-platform software development tools and embedded components. The company provides life science and medical companies with necessary tools and consulting expertise to accelerate the time it takes to bring their devices to market as well as achieve accurate and reliable results.

Rsam (Secaucus, N.J.). Rsam sets the foundation for enterprise risk management and includes intuitive templates to deploy in complex situations. The company offers audit management, compliance, risk management, security incident response and vendor risk management, among other services. In the healthcare space, Rsam delivers a comprehensive risk assessment tool and establishes repeatable and consistent processes to support compliance and an enterprisewide incident management program.

Rubicon Labs (San Francisco). Founded in 2012, Rubicon Labs’ Zero-Knowledge Platform provides abstract key management services. The company’s authorization capabilities, device security services and software can secure physicians’ devices as well as medical devices to prevent hacking.

Seclore (Sunnyvale, Calif.). Seclore focuses on document protection to allow organizations to collaborate securely. Pharmaceutical companies can use Seclore’s offerings to secure and govern their internet protocol and other confidential assets. The company’s electronic digital reference model provides patient protection from product dossiers, unauthorized access and issues related to file sharing.

SecureAuth (Irvine, Calif.). Founded in 2005, SecureAuth focuses on authentication to ensure all entities attempting to access data are known and verified. The company’s technology offers flexible identity access control solutions to protect virtual private network, on-premises, cloud, mobile and homegrown applications. For healthcare organizations, SecureAuth protects electronic prescriptions and protected health information in a HIPAA-compliant way.

SecureMySocial (New York City). SecureMySocial technology scans social media use and warns organizations about activities that expose them to risk in real time. The platform prevents information breaches and data leaks on social media. In May, the company was named to the 2018 Cyber Security 500 list.

Sedara (Buffalo, N.Y.). Sedara is a managed security service provider with clients across the U.S. The company manages network security for clients and ensures regulatory compliance, including HIPAA compliance, for organizations across the spectrum. The company provides continual data monitoring and alert systems to identify and defeat hack attempts. In 2017, Sedara partnered with The Bonadio Group, a New York-based independent cybersecurity and compliance services provider.

SentinelOne (Palo Alto, Calif.). A group of international defense and intelligence experts founded SentinelOne to tackle cybersecurity issues with a new endpoint protection approach. The company’s platform is certified as an antivirus replacement. The SentinelOne Endpoint Protection Platform can monitor all endpoints accessing HIPAA-sensitive information and protect health information and can also predict advanced attacks and automate the threat response process.

Shape Security (Mountain View, Calif.). Shape provides protection against web and mobile cyberattacks to corporations around the world. The company is focused on protecting against high traffic and mobile application attacks. In the healthcare space, Shape Security can protect against distributed denial-of-service attacks and keep the organization’s website running.

Skybox Security (San Jose, Calif.). Skybox is a privately held cybersecurity management company established in 2002. Skybox’s security platform uses firewall and network device data to detect vulnerabilities, and its powerful attack vector analytics can reduce response times for greater network control. The company covers more than 2,000 enterprises globally, including Delta Dental, Neptune, N.J.-based Meridian Health System and eHealthInsurance in the healthcare sector.

Spirion (Irvine, Calif.). Spirion provides enterprise data management software to minimize risks, costs and reputation damage associated with cyberattacks. The company’s platform is designed to identify, classify and monitor personal information, medical records, credit card numbers and other intellectual property.

Stratiform (El Segundo, Calif.). PCM acquired Stratiform in January 2017. Stratiform is a cloud IT solutions provider with consulting, professional and managed services. The company specializes in Microsoft cloud technology and post-acquisition Stratiform plans to grow in the U.S. and Canada.

Swimlane (Louisville, Colo.). Swimlane is a security and operations management platform with the capability to centralize security alerts and automate attack response. The company provides security automation and orchestration to unify, analyze and resolve alerts from the organization’s existing security tools and provide analysts with threat intelligence. The company’s solution can also gather security metrics and generate reports on cybersecurity efforts.

Swivel Secure (West Yorkshire, United Kingdom). Founded in 2001, Swivel Secure’s AuthControl Sentry authentication platform allows organizations to tailor authentication requirements according to individualized security policies. Earlier this year, the company expanded their global partner program concentrating efforts on the United States.

Sword & Shield (Knoxville, Tenn.). Sword & Shield is a holistic information security provider with solutions to evaluate, remediate and monitor data security. The company also provides consultants to assist in all aspects of the security and compliance lifecycle, including HIPAA compliance. The company’s team of experts makes recommendations to increase HIPAA compliance with the HIPAA Security and Privacy kit.

Synopsys (Mountain View, Calif.). Synopsys is a software partner for companies around the world, focused on electronic design automation and semiconductor internet protocol. The company works with healthcare organizations to address cybersecurity risks for personal patient information and medical device hacking.

Tanium (Emeryville, Calif.). Tanium’s solution for hospitals and health systems provides complete visibility across managed and unmanaged endpoints to improve security hygiene. The tool allows users to ask a simple or complex question of any or all endpoints and receive a response directly from all endpoints within 15 seconds. Tanium can also collect data from third-party endpoint agents to bring multiple security and IT operations under one platform, which can help streamline operations and reduce costs.

ThreatMetrix (San Jose, Calif.). The ThreatMetrix Digital Identity Network is designed to inspect digital transactions across applications, devices and locations in real time. The company also provides online fraud prevention and can pinpoint suspect behavior and fraud attempts before damage is done. The company also provides authentication for patients, payers and physicians logging into the system.

TraceSecurity (Baton Rouge, La.). TraceSecurity is a leading provider of cybersecurity and compliance solutions that help organizations of all sizes reduce the risk of cyber breaches and demonstrate compliance. With a combination of software and services, TraceSecurity can help organizations manage their information security program and supplement it with third-party validation.

TrapX Security (San Mateo, Calif.). TrapX Security’s TrapX DeceptionGrid allows customers to send “traps” that impersonate systems and devices, responding like attackers in the real world, to fool and entrap attackers. Sending out multiple traps alongside real systems and devices ensures the system can identify and contain attackers before any damage is done. The technology can detect sophisticated attackers and provide real-time forensics and analysis for the hospital’s security operations team to take immediate action.

Trend Micro (Irving, Texas). Trend Micro is a global cybersecurity company providing solutions for consumers, businesses and governments. The company’s XGen solution was developed to help healthcare organizations improve security before, during and after attacks.

TrustPoint Solutions (Suwanee, Ga.). TrustPoint Solutions provides IT transformation, disaster recovery and security services to healthcare organizations. The TrustPoint team provides strategic advisory, planning and implementation services to help clients leverage their IT investment.

Trustwave (Chicago). Trustwave currently works with more than 3 million businesses to protect data and reduce security risks. The company provides a flexible portfolio of services to healthcare organizations designed to protect their specific infrastructure, networks and data while remaining HIPAA and HITECH compliant.

Tufin (London, U.K.). Tufin’s security policy orchestration solutions streamline security policy management across complex, heterogeneous organizations. The company’s technology alliance program partners with industry leaders to integrate the Tufin Orchestration Suite with their existing solutions.

Untangle (Sunnyvale, Calif.). The Untangle NG Firewall is designed as a single, modular platform that clients can run on their own hardware or as a virtual machine. Untangle helps the healthcare industry comply with HIPAA and HITECH through granular controls over who has access to the data.

Varonis (New York City). Varonis’ platform collects, stores and analyzes metadata in real time to protect data from cyberattacks. Organizations can monitor their unstructured data using the company’s platform. Varonis specializes in protecting file and email systems storing spreadsheets, word processing documents, presentations and audio and video files that contain sensitive information. The company also offers a HIPAA compliance crash course.

Venafi (Salt Lake City). Venafi’s platform pinpoints machine identity weaknesses and automatically makes updates to lower security risks. The company’s platform is designed to help healthcare organizations better secure keys and certificates against privacy breaches by strengthening the cryptology.

Vera (Palo Alto, Calif.). Vera aims to protect data with strong encryption on any device without changing the existing workflow. The company’s data-centric security solution is designed for collaboration while ensuring a high level of security, visibility and control. Vera includes HIPAA-compliant verticals for healthcare providers as well as pharmaceutical companies to secure intellectual property and trial data.

Virtru (Washington, D.C.). Virtru’s products allow businesses and individuals to control access to emails, documents and data regardless of where the files are shared. In the healthcare space, the company’s technology allows providers to share HIPAA-compliant emails and attachments, automatically identifying and encrypting personal health information. The company focuses on business privacy and data protection for more than 5,000 organizations worldwide. In May, the company closed a $37.5 million series B investment.

WhiteHat Security (Santa Clara, Calif.). WhiteHat Security focuses on securing web applications and delivering solutions to reduce the risk of cyberattacks. Healthcare providers use the company’s technology as well as expertise to deploy secure applications and websites, as well as third-party apps.

WinMagic (Mississauga, Ontario). WinMagic is a data security solutions company that secures data where it’s stored and provides enterprise-grade data encryption and key management policies across an organization’s operation systems. In the healthcare space, the company’s platform encrypts patient data and takes steps to ensure there won’t be a compliance breach.

Wombat Security Technologies (Pittsburgh). Founded in 2008, Wombat Security Technologies received funding from the National Science Foundation and Department of Defense to develop a suite of cybersecurity software training and filtering technologies. The company evolved its provider awareness and training software to support clients’ efforts to teach secure behavior. In February 2017, the company expanded its healthcare security awareness training program to include ransomware training.

Zenedge (Aventura, Fla.). Zenedge offers security for web applications and networks. The company’s platform stops malicious bot traffic and distributed denial-of-service attacks and offers ongoing monitoring and security updates. The company’s cybersecurity platform includes an artificial intelligence engine and advanced bot mitigation and management. Zenedge’s cybersecurity solution can protect medical records and health information.

Zix (Dallas). Zix protects business communications through email encryption. The company’s solutions support around 15,000 businesses and 1,200 U.S. hospitals with email encryption, data loss prevention and bring-your-own-device security. In April, Zix acquired Seattle-based Erado, a provider of archiving, supervision, eDiscovery and analytics for the financial sector.


Source: https://www.beckershospitalreview.com/lists/125-cybersecurity-companies-in-healthcare-to-know-2018.html

The post 125+ Cybersecurity Companies in Healthcare to Know | 2018 appeared first on LookingGlass Cyber Solutions Inc.

The Daily Threat Brief: The President Gets A Daily Brief, Shouldn’t You?

The Daily Threat Brief is our version of the President’s Daily Brief (PDB), focused on cyber threats and tips on being as secure as possible. We provide actionable insights into threat actors and their motivations and also dive into their tactics in ways that will inform your business decisions.

To sign up for the Daily Threat Brief see: CTOvision Newsletter Signups

Our full array of newsletters includes:

  • The Monthly CTOvision.com Tech Review provides a recap of the most significant trends sweeping the technology community in the prior month, plus insights into coming events and activities.
  • The Daily CTOvision.com Update provides a summary of posts we publish on our blog. If we don’t publish it does not go out, but it is never more than once a day to 6,000 readers. All posts on the site are also shared with the over 14,500 CTOvision Twitter followers and over 12,000 of Bob Gourley’s connections on LinkedIn.
  • The CTOvision Pro IT Report summarizes enterprise IT developments and concepts. Transmitted to a select list of 700 CTOs and other tech professionals every Tuesday.
  • The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.
  • The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. Over 6,000 readers receive this report every Thursday.
  • The Daily Threat Brief: Our version of the President’s Daily Brief (PDB) focused on cyber threats and tips on being as secure as possible. Sent daily to a list of over 4,500 executives seeking insights into threats to business growth. Reports are also shared with over 10,000 Twitter followers of ThreatBrief.

For more and to sign up see: Crucial Point and CTOvision Newsletter Signups

The post The Daily Threat Brief: The President Gets A Daily Brief, Shouldn’t You? appeared first on The Cyber Threat.

The CTOvision Cyberwar and Cybersecurity Weekly

The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. We help you defend your piece of cyberspace at home and at work.

To sign up for the CTOvision Cyberwar and Cybersecurity Weekly see: CTOvision Newsletter Signups

The post The CTOvision Cyberwar and Cybersecurity Weekly appeared first on The Cyber Threat.

The CTOvision Artificial Intelligence, Big Data and Analytics Weekly

The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.

To sign up for the Weekly AI, Big Data and Analytics Newsletter see: CTOvision Newsletter Signups

The post The CTOvision Artificial Intelligence, Big Data and Analytics Weekly appeared first on The Cyber Threat.

The CTOvision Weekly Tech Review

The CTOvision Pro IT Report summarizes enterprise IT developments and concepts for the executive in need of actionable insights which can drive decisions and lead to victory in the market place.

We report on: Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, Cybersecurity and Blockchain and Cryptocurrencies.

We also provide focus on high interest topics, including Science Fiction, Entertainment, Cyber War, Tech Careers, Training and Education and Tech Tips.

To sign up for the CTOvision Pro IT Report see: CTOvision Newsletter Signups

The post The CTOvision Weekly Tech Review appeared first on The Cyber Threat.

The CTOvision Daily: Keep your finger on the pulse of the tech world

The Daily CTOvision.com is produced for the technology executive who needs to stay in the loop on the latest in technology and concepts for applying IT to address business and mission needs. Our daily provides summaries of all reporting. If we don’t publish it does not go out, but it is never more than once a day.

We report on: Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, Cybersecurity and Blockchain and Cryptocurrencies.

We also provide focus on high interest topics, including Science Fiction, Entertainment, Cyber War, Tech Careers, Training and Education and Tech Tips.

To sign up for the CTOvision Daily see: CTOvision Newsletter Signups

The post The CTOvision Daily: Keep your finger on the pulse of the tech world appeared first on The Cyber Threat.

The CTOvision Monthly Report

CTOvision writes for the enterprise technologist. We provide CTOs, CIOs, CISOs, data scientists and other technologists with insights into emerging tech trends and concepts for making the most of advanced technologies. We organize events focused on thought leadership and provide research insights through a portfolio of newsletters.

Our premier publication is our monthly technology review, sent to over 32,000 technology thought leaders. This monthly summarizes reporting from the CTOvision.com blog as well as tech trends from the IT industry. The monthly also provides links to our technology assessments. The result: readers are provided with deep and actionable insights into the dynamic tech world.

To sign up for the Monthly CTOvision.com Tech Review see: CTOvision Newsletter Signups

The post The CTOvision Monthly Report appeared first on The Cyber Threat.

Inform your decisions with exquisite intelligence from CTOvision and ThreatBrief

For 10 years, Crucial Point, the consultancy formed by The Cyber Threat author Bob Gourley, has supported business and government decision-makers with action oriented research, consulting and advisory services. We have continually provided insights on our research via products under our CTOvision and ThreatBrief brands.
The current newsletter lineup includes:
  • The Monthly CTOvision.com Tech Review provides a recap of the most significant trends sweeping the technology community in the prior month, plus insights into coming events and activities. This is our largest distribution list with over 32000 members. As its name implies, it is published once a month.
  • The Daily CTOvision.com Update provides a summary of posts we publish on our blog. If we don’t publish it does not go out, but it is never more than once a day to 6,000 readers. All posts on the site are also shared with the over 14,500 CTOvision Twitter followers and over 12,000 of Bob Gourley’s connections on LinkedIn.
  • The CTOvision Pro IT Report summarizes enterprise IT developments and concepts. Transmitted to a select list of 700 CTOs and other tech professionals every Tuesday.
  • The Weekly Artificial Intelligence, Big Data and Analytics Newsletter is a weekly review of hot topics on the theme of Big Data. This is our fastest growing list with over 1,500 readers receiving the newsletter every Wednesday.
  • The Weekly Cyberwar and Cybersecurity Review summarizes enterprise IT security technologies and concepts and the issues you need to track regarding the high end threat actors. Over 6,000 readers receive this report every Thursday.
  • The Daily Threat Brief: Our version of the President’s Daily Brief (PDB) focused on cyber threats and tips on being as secure as possible. Sent daily to a list of over 4,500 executives seeking insights into threats to business growth. Reports are also shared with over 10,000 Twitter followers of ThreatBrief.

For more and to sign up see: Crucial Point and CTOvision Newsletter Signups

The post Inform your decisions with exquisite intelligence from CTOvision and ThreatBrief appeared first on The Cyber Threat.

Interviewed on RSAC TV

I had the pleasure of being interviewed by Eleanor Dallaway, Editor and Publisher – Infosecurity Magazine, on RSA Conference Television (RSAC TV) last week at the annual RSA Security Conference.

In the interview, we spoke of what I had observed on the show floor, the state of the security industry, and I describe my perfect customer in information security.

Windows 10 Update Disrupts Pen Input; Microsoft Offers Potentially Dangerous Fix

A recent Microsoft security update – according to Wacom’s support pages, the OS build 16299.334 – has had a rather unexpected side-effect. Many users have been experiencing issues where drawing apps, such as Photoshop, no longer function correctly. For example, pressing the pen to the tablet device does not “draw” as it should, but […]

Three Hacking Groups You Definitely Need to Know About

Hacker groups began to flourish in the early 1980s with the emergence of computers. Hackers are like predators that can access your private data at any time by exploiting the vulnerabilities of your computer. Hackers usually cover up their tracks by leaving false clues or by leaving absolutely no evidence behind. In the light of

The post Three Hacking Groups You Definitely Need to Know About appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Why the Cyber Criminals at Synack need $25 Million to Track Down Main Safety Faults

The enormous number of hacks in 2014 has propelled information safety into the front of the news and the brains of many companies. Cyber attacks on big enterprises like Target, Sony, and Home Depot lately caused President Obama to call for partnership amongst the two sectors (private and public) in order to share the information

The post Why the Cyber Criminals at Synack need $25 Million to Track Down Main Safety Faults appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Anonymous wants to further its engagement in the exploration of space – ‘Unite as Species’

The hacktivist cyber criminal group Anonymous, more often than not related with cyber campaigns in opposition to fraudulent government administrations and terrorist organizations, has now set its sights on space. They posted a video on the group’s most important YouTube channel on the 18th of March, and called on to everyone through

The post Anonymous wants to further its engagement in the exploration of space – ‘Unite as Species’ appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Microsoft Remote Desktop Connection Manager

Imagine having access to and control of your computer from any place in the world from your iPhone. That would be really futuristic, no? Actually, it is not, because there are applications available that can let you tap into your computer from your mobile. These remote control applications do more than simply allow you

The post Microsoft Remote Desktop Connection Manager appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Vanished in 60 seconds! – Chinese cyber criminals shut down Adobe Flash, Internet Explorer

Associates of two Chinese cyber crime teams have hollowed out the best prizes at a main yearly hacking competition held in Vancouver, Canada. Cyber attackers at Pwn2Own, commenced in 2007, were triumphant in violating the security of broadly-used software including Adobe Flash, Mozilla’s Firefox browser, Adobe PDF Reader and Microsoft’s freshly-discontinued Internet

The post Vanished in 60 seconds! – Chinese cyber criminals shut down Adobe Flash, Internet Explorer appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Researcher makes $225,000, legally, by cyber attacking browsers

A single researcher who is actually a cyber criminal made $225,000 this week – that too all by legal means! This cyber research hacker cyber criminally attacked browsers this past week. For the past two days, safety researchers have tumbled down on Vancouver for a Google-sponsored competition called Pwn2Own,

The post Researcher makes $225,000, legally, by cyber attacking browsers appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Political analysts caution air plane connections systems that are susceptible to cyber attacks

Marketable and even martial planes have an Achilles heel that could abscond them as susceptible to cyber criminals on the ground, who specialists say could possibly seize cockpits and generate disorder in the skies. At the present, radical groups are thought to be short of the complexity to bring down a plane vaguely, but it

The post Political analysts caution air plane connections systems that are susceptible to cyber attacks appeared first on Hacker News Bulletin | Find the Latest Hackers News.

The Health insurance Company – Premera Blue Cross – of the United States of America was cyber criminally attacks and 11 million records were accessed

Premera Blue Cross, a United States of America-based health insurance corporation, has confided in that its systems were infringed upon and their security and associability was breached when cyber criminals hacked the company and made their way in 11 million of their customers’ records. It is the second cyber attack in a row

The post The Health insurance Company – Premera Blue Cross – of the United States of America was cyber criminally attacks and 11 million records were accessed appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Want to have a VPN Server on Your Computer (Windows) Without setting up Any Software?

Windows has a built-in ability to work as a VPN server, even though this option is hidden. It works on both Windows 7 and Windows 8. To enable this, the server makes use of the Point-to-Point Tunneling Protocol (PPTP). This could be valuable for linking to your home system on

The post Want to have a VPN Server on Your Computer (Windows) Without setting up Any Software? appeared first on Hacker News Bulletin | Find the Latest Hackers News.

Security Beyond The Perimeter

Whether we like it or not, the way we architect, utilize, and secure the networks and systems under our control has changed. When servers were safely tucked away behind corporate firewalls and perimeter-deployed intrusion prevention controls, organizations became complacent and dependent on their host security. Unfortunately, inadequately architected security controls that rely solely on broad network-based protection can make the migration of an organization’s systems to private, public, and hybrid cloud hosting even more exposed to attackers than they were before.

Everyone has heard the “defense in depth” analogy relating security to a medieval castle with controlled access to different locations of the castle and a defensive moat around the perimeter. This “hard outside” and “soft inside” model was designed to make it as difficult as possible to get past the perimeter. However, once inside the walls, the trusted individual had elevated access to resources within the network.

Unsurprisingly, the medieval defense analogy has lost much of its relevance in a world where systems and users move effortlessly from within the confines of a walled corporation, to a local coffee shop, and perhaps even to a different country as part of normal business operations.

Securing the next generation of hosting platforms requires a new approach that not every organization is ready for. Some industry analyst firms promote the idea of a “cloud first strategy” for all technology deployments. Though not a bad idea, per se, this doesn’t mean that forklifting your entire architecture into cloud or containerized environments should be your number one priority – especially if you’re being forced to choose between a new architecture and the traditional security controls that you depend upon.

Thankfully, technology has evolved to allow for more seamless security in environments that need to span traditional datacenters, virtualization, and cloud environments. This has allowed organizations to grow their capabilities without the need to choose between having security and having new technology stacks.

So how do we, as security professionals and business owners, decide what mitigating controls should be deployed to future-proof our security? It’s actually much easier than it sounds. To learn more about how to perform security beyond the perimeter please read my full post on https://www.juniper.net/us/en/dm/security-beyond-the-perimeter/.

The Hay CFP Management Method

By Andrew Hay, Co-Founder and CTO, LEO Cyber Security.

I speak at a lot of conferences around the world. As a result, people often ask me how I manage the vast number of abstracts and security call for papers (CFP) submissions. So I thought I’d create a blog post to explain my process. For lack of a better name, let’s call it the Hay CFP Management Method. It should be noted that this method could be applied to any number of things, from blog posts to white papers and scholastic articles to news stories. I have successfully proven this methodology for both myself and my teams at OpenDNS, DataGravity, and LEO Cyber Security. Staying organized helped manage the deluge of events, submitted talks, and important due dates in addition to helping me keep track of where in the world my team was and what they were talking about.

I, like most people, started managing abstracts and submissions by relying on email searches and documents (both local and on Google Drive, Dropbox, etc.). Unfortunately, I didn’t find this scaled very well as I kept losing track of submitted vs. accepted/rejected talks and their corresponding dates. It certainly didn’t scale when it was applied to an entire team as opposed to a single individual.

Enter Trello, a popular (and freemium) web-based project management application that utilizes the Kanban methodology for organizing projects (boards), lists (task lists), and tasks (cards). In late September I start by creating a board for the upcoming year (let’s call this board the 2018 Conference CFP Calendar) and, if not already created, a board to track my abstracts in their development lifecycle (let’s call this board Talk Abstracts).

Within the Talk Abstracts board, I create several lists to act as swim lanes for my conference abstracts and other useful information. These lists are:

* Development: These are talks that are actively being developed and are not yet ready for prime time.
* Completed: These are talks that have finished development and are ready to be delivered at an upcoming event.
* Delivered: These are talks that have been delivered at least once.
* Misc: This list is where I keep my frequently requested form information such as my short bio (less than 50 characters), long bio (less than 1,500 characters), business mailing address (instead of browsing to your corporate website every time), and CISSP number (because who can remember that?).
* Retired: As a personal rule, I only use a particular talk for one calendar year. When I feel as though the talk is stale, boring, or stops being accepted, I move the card to this list. That’s not to say you can’t revive a talk or topic in the future as a “version 2.0”. This is why keeping the card around is valuable.

Within the 2018 Conference CFP Calendar board, I create several lists to act as swim lanes for my various CFPs. These lists are:

* CFP open: This is where I put all of the upcoming conference cards that I know about even if I do not yet know the exact details (such as location, CFP open/close, etc.).
* CFP closes in < 30 days: This is where I put the upcoming conference cards that have a confirmed closing date within the next 30 days. Note, it is very important to record details in the cards such as closing date, conference CFP mechanism (e.g. email vs. web form), and any related URLs for the event.
* Submitted: These are the conferences that I have submitted to and the associated cards. Note, I always provide a link to the abstract I submitted as a way to remind myself what I’m talking about.
* Accepted: These are the accepted talk cards. Note, I always put a copy of the email (or link to) acceptance notification to record any details that might be important down the road. I also make sure to change the date on the card to that of the speaking date and time slot to help keep me organized.
* Attending but not presenting: This is really a generic catch-all for events that I need to be at but may not be speaking at (e.g. booth duty, attending training, etc.). The card and associated dates help keep my dance card organized.
* Accepted but backed out: Sometimes life happens. This list contains cards of conference submissions that I had to back out of for one reason or another. I keep these cards in their own column to show me what was successfully accepted and might be a fit for next year in addition to the reason I had to back out (e.g. conflict, personal issue, alien abduction, etc.).
* Completed: This list is for completed talk cards. Again, I keep these to reference for next year’s board as it provides some ballpark dates for when the CFP opens, closes, as well as the venue and conference date.
* Rejected: They’re not all winners and not everybody gets every talk accepted. In my opinion, keeping track of your rejected talks is as (if not more) important as keeping track of your accepted talks. Not only does it allow you to see what didn’t work for that particular event, but it also allows you to record reviewer feedback on the submission and maybe submit a different style or type of abstract in the future.
* Not doing 2018: This is the list where I put conference cards that I’ve missed the deadline on (hey, it happens), cannot submit to because of a conflict, or simply choose to not submit a talk to.

It should be noted that I keep the above lists in the same order every year to help minimize my development time against the Trello API for my visualization dashboard (which I will explain in a future blog post). This might sound like a lot of work but once you’ve set this board up you can reuse it every year. In fact, it’s much easier to copy last year’s board than starting fresh every year, as it brings the cards and details over. Then all you need to do is update the old cards with the new venue, dates, and URLs.

Now that we have our board structure created we need to start populating the lists with the cards – which I’ll explain in the next blog post. In addition to the card blog post, I’ll explain two other components of the process in subsequent posts. For reference, here are the upcoming blog posts that will build on this one:

* Individual cards and their structure
* Moving cards through the pipeline
* Visualizing your board (and why it helps)

The post The Hay CFP Management Method appeared first on LEO Cyber Security.

Detect and Prevent Data Exfiltration Webinar with Infoblox

Please join SANS Institute Instructor and LEO Cyber Security Co-Founder & CTO Andrew Hay and Infoblox Security Product Marketing’s Sam Kumarsamy on Thursday, August 17th, 2017 at 1:00 PM EDT (17:00:00 UTC) as they present a SANS Institute webinar entitled Detect & Prevent Data Exfiltration: A Unique Approach.

Overview

Data is the new currency in the modern digital enterprise and protecting data is a strategic imperative for every organization. Enterprises must protect data whether it resides in a data center or on an individual’s laptop that is used on premise or off premise, and across the global distributed enterprise. Effective data exfiltration prevention requires protecting DNS, the most commonly used channel to steal data, and combining reputation, signatures, and behavioral analytics. The detection and prevention of data loss requires analysis of vast amounts of network data and a solution that can scale to examine this data. In this webinar you will also learn about Infoblox’s unique approach to detecting and preventing data exfiltration.

To register for the webinar, please visit: https://www.sans.org/webcasts/detect-prevent-data-exfiltration-unique-approach-infoblox-104985

You can now also attend the webcast using your mobile device!

The post Detect and Prevent Data Exfiltration Webinar with Infoblox appeared first on LEO Cyber Security.

Petya Ransomware: What You Need to Know and Do

By: Andrew Hay

Unless you’ve been away from the Internet earlier this week, you’ve no doubt heard by now about the global ransomware outbreak that started in Ukraine and subsequently spread west across Western Europe, North America, and Australia yesterday. Reminiscent of its predecessor WannaCry, this ransomware attack shut down organizations ranging from the Danish shipping conglomerate Maersk Line to a Tasmanian-based Cadbury chocolate factory.

I was asked throughout the course of yesterday and today to help clarify exactly what transpired. The biggest challenge with any surprise malware outbreak is the flurry of hearsay, conjecture, speculation, and just plain guessing by researchers, analysts, and the media.

At a very high level, here is what we know thus far:

  • The spread of this campaign appears to have originated in Ukraine but has migrated west to impact a number of other countries, including the United States where pharmaceutical giant Merck and global law firm DLA Piper were hit
  • The initial infection appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc, which develops tax accounting software, MeDoc
  • This appears to be a piece of malware utilizing the EternalBlue exploit disclosed by the Shadow Brokers back in April 2017 when the group released several hacking tools obtained from the NSA
  • Microsoft released a patch in March 2017 to mitigate the discovered remote code execution vulnerabilities that existed in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handled certain requests
  • The malware implements several lateral movement techniques:
    • Stealing credentials or re-using existing active sessions
    • Using file-shares to transfer the malicious file across machines on the same network
    • Using existing legitimate functionalities to execute the payload or abusing SMB vulnerabilities for unpatched machines
  • Experts continue to debate whether or not this is a known malware variant called Petya but several researchers and firms claim that this is a never before seen variant that they are calling GoldenEye, NotPetya, Petna, or some other random name such as Nyetya
  • The jury is still out on whether or not the malware is new or simply a known variant

Who is responsible?

The million dollar question on everyone’s mind is “was this a nation-state backed campaign designed to specifically target Ukraine?” We at LEO believe that to be highly unlikely for a number of reasons. An opportunistic ransomware campaign with some initial software package targets is a far more likely scenario than a state-sponsored actor looking to destabilize a country.

Always remember the old adage from Dr. Theodore Woodward: When you hear hoofbeats, think of horses not zebras.

If you immediately start looking for Russian, Chinese, or North Korean state-sponsored actors around every corner, you’ll inevitably construct some attribution and analysis bias. Look for the facts, not the speculation.

What does LEO recommend you do?

We recommend that customers who have not yet installed security update MS17-010 do so as soon as possible. Until you can apply the patch, LEO also recommends the following steps to help reduce the attack surface:

  • Disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547
  • Block incoming SMB traffic from the public Internet on ports 445 and 139, adding a rule on your border routers, perimeter firewalls, and any intersecting traffic points between a higher security network zone and a lower security network zone
  • Disable remote WMI and file sharing, where possible, in favor of more secure file sharing protocols
  • Ensure that your logging is properly configured for all network-connected systems including workstations, servers, virtualized guests, and network infrastructure such as routers, switches, and firewalls
  • Ensure that your antimalware signatures are up-to-date on all systems (not just the critical ones)
  • Review your patch management program to ensure that emergency patches to mitigate critical vulnerabilities and easily weaponized attacks can be applied in an expedited fashion
  • Finally, consider stockpiling some cryptocurrency, like Bitcoin, to reduce any possible transaction downtime should you find that your organization is forced to pay the ransom. Attempting to acquire Bitcoin during an incident may be time-prohibitive
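
As an added example (not part of the original post and not LEO's own tooling), the following PowerShell script audits one Windows host against the SMB-related items in the list above: SMBv1 status, listeners on ports 445 and 139, a host-level block rule, and firewall logging. The script name, the `-Apply` switch and the firewall rule name are assumptions made for this example, and the host firewall rule complements the perimeter rule rather than replacing it.

```powershell
# Added example, not from the original post. Save as Test-SmbExposure.ps1
# (hypothetical name) and run from an elevated prompt on Windows 8 /
# Server 2012 or later. Without -Apply it only reports; with -Apply it
# changes the host configuration.
[CmdletBinding()]
param([switch]$Apply)

$findings = @()

# 1. SMBv1 server component, the protocol addressed by MS17-010.
$smb = Get-SmbServerConfiguration
if ($smb.EnableSMB1Protocol) {
    $findings += 'SMBv1 server protocol is enabled'
    if ($Apply) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        Write-Output 'Disabled the SMBv1 server protocol.'
    }
}

# 2. Is this host listening on the SMB / NetBIOS session ports?
$listening = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in 445, 139 } |
    Select-Object -ExpandProperty LocalPort -Unique

# 3. Host-level block for those ports on networks classified as Public.
#    The rule name is constructed for this example.
$ruleName = 'Example - block inbound SMB on Public profile'
$existing = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
if ($listening -and -not $existing) {
    $findings += "Listening on TCP $($listening -join ', ') without rule '$ruleName'"
    if ($Apply) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
            -LocalPort 445, 139 -Profile Public -Action Block | Out-Null
        Write-Output "Created firewall rule '$ruleName'."
    }
}

# 4. Logging: report firewall profiles that do not log blocked connections.
Get-NetFirewallProfile |
    Where-Object { $_.LogBlocked -ne 'True' } |
    ForEach-Object { $findings += "Firewall profile '$($_.Name)' does not log blocked connections" }

# Summary for the analyst or for collection by a management tool.
if ($findings.Count -eq 0) {
    Write-Output 'No SMB exposure findings on this host.'
} else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
}
```

Run it without `-Apply` first and review the findings, since disabling SMBv1 can break connectivity to legacy devices that speak nothing newer.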

 

Should your organization need help or clarification on any of the above recommendations, please don’t hesitate to reach out to LEO Cyber Security for immediate assistance.

The post Petya Ransomware: What You Need to Know and Do appeared first on LEO Cyber Security.

Diving into the Issues: Observations from SOURCE and AtlSecCon

Last week I had the pleasure of presenting three times, at two conferences, in two different countries: SOURCE in Boston, MA and at the Atlantic Security Conference (AtlSecCon) in Halifax, NS, Canada.

The first event of my week was SOURCE Boston. This year marked the tenth anniversary of SOURCE Conference and it continues to pride itself on being one of the only venues that brings business, technology and security professionals together under one roof to focus on real-world, practical security solutions for some of today’s toughest security issues. Though I was only there for the first day, I was able to catch up with friends, play some Hacker Movie Trivia with Paul Asadoorian (@securityweekly), and chat with attendees on some of the biggest challenges we face around detecting and mitigating ransomware attacks.

After my presentation, I rushed off to Logan Airport to sit in, on what I now choose to call, the “Air Canada Ghetto” – a small three gate departure area segregated from the rest of the airport and its amenities. A minor four hour delay later, I was on my way to Halifax for AtlSecCon.

Between meetings and casual conversations I was enlightened by several presentations. Raf Los (@Wh1t3Rabbit), managing director of solutions research & development at Optiv, presented Getting Off the Back Foot – Employing Active Defence, which talked about an outcome-oriented and capabilities-driven model for more effective enterprise security.

After his talk, Aunshul Rege (@prof_rege), an assistant professor with the Criminal Justice department at Temple University, gave a very interesting talk entitled Measuring Adversarial Behavior in Cyberattacks. With a background in criminology, Aunshul presented her research from observations and interviews conducted at the Industrial Control Systems Computer Emergency Response Team’s (ICS-CERT) Red/Blue cybersecurity training exercise held at Idaho National Laboratory. Specifically, she covered how adversaries might engage in research and planning, offer team support, manage conflict between group members, structure attack paths (intrusion chains), navigate disruptions to their attack paths, and how limited knowledge bases and self-induced mistakes can possibly impact adversaries.

The last presentation was Mark Nunnikhoven’s (@marknca) Is Your Security Team Set up To Fail? Mark, the VP of cloud research at Trend Micro and a personal friend, examined the current state of IT security programs and teams, delving into the structure, goals, and skills prioritized by the industry.

The second day of the conference was filled with meetings for me but I was able to sit through Michael Joyce’s talk entitled A Cocktail Recipe for Improving Canadian Cybersecurity. Joyce described the goals and objectives of The Smart Cybersecurity Network (SERENE-RISC) – a federally funded, not-for-profit knowledge mobilization network created to improve the general public’s awareness of cybersecurity risks and to empower all to mitigate them through knowledge. He was an excellent presenter and his talk served as a call to action for those looking to help communicate the need for cybersecurity to all Canadians.

At both conferences I presented my latest talk entitled The Not-So-Improbable Future of Ransomware which explored how thousands of years of human kidnap and ransom doctrine have served as a playbook for ransomware campaign operators to follow. It was well received by both audiences and sparked follow-up conversations and discussions throughout the week. The SOURCE version can be found here and the AtlSecCon version here.

The conversation received some early praise on the SOURCE session in addition to written pieces by Bill Brenner (@billbrenner70) from Sophos:


And Taylor Armerding (@tarmerding2) from CSO:


At AtlSecCon I joined a panel entitled Security Modelling Fundamentals: Should Security Teams Model a SOC Around Threats or Just Build Layers? Chaired by Tom Bain (@tmbainjr1), VP of marketing at CounterTack, the session served as a potpourri of security threats and trends ranging from ransomware, to regulation, to attack mitigation. It was quite fun and a great way to end the day.

Though it was a long series of flights home to the Bay Area I thoroughly enjoyed both conferences. I would highly recommend attending and/or speaking at both next year if you are provided with the opportunity.

Next up, (ISC)² CyberSecureGov 2017 in Washington, D.C. and the Rocky Mountain Information Security Conference (RMISC) in Denver, CO. Perhaps I’ll see some of our readers there!

The post Diving into the Issues: Observations from SOURCE and AtlSecCon appeared first on LEO Cyber Security.

Transitioning from my CISO role at DataGravity

As of today I’m transitioning out of my CISO role at DataGravity and am on the hunt for a new full-time gig. Though I appreciate your condolences, I see this as a good thing and the transition is an amicable one.

What this really means, however, is that I get to explore exciting opportunities with exciting companies 🙂

Who is looking…

This guy. Many of us have met before but, if you’re like me, you may recognize the face but forget (or have never known) what my work history included.

For some background on my past work experience, please check LinkedIn (https://www.linkedin.com/in/andrewhay/) or the press kit section of my blog (http://www.andrewhay.ca/press-kit).

I also have a resume ready to go if you’d like a copy.

What I’m looking for…

A senior leadership role (e.g. Chief Research Officer, Head of Research, VP Research, etc.) in a data-centric security company where I can lead and mentor an existing, or help found a, world-class security research organization.

AND/OR

A senior leadership (e.g. CTO, CISO, CSO, etc.) role in an early-stage security startup where I can contribute to the company’s growth, innovation, product strategy, and market penetration.

AND/OR

A senior leadership (e.g. CISO, CSO, etc.) role in an established company where I can help keep the organization, its employees, and its customers safe and secure through the implementation and management of a measurable information security program.

Where I’m looking…

As my wife has a vested interest (no pun intended) in staying in San Francisco, I cannot relocate at this time. That means any opportunities would have to be in the San Francisco Bay Area or allow me to continue working from home as I do now.

If you’re in the market for a passionate security leader with my experience and qualifications I’d love to hear from you.

Security is Not, and Should not be Treated as, a Special Flower

My normal Wednesday lunch yesterday was rudely interrupted by my adequate friend and reasonable security advocate Javvad calling me to ask my opinion on something. This in itself was surprising enough, but the fact that I immediately gave a strong and impassioned response told me this might be something I needed to explore further… The UK … Read More

“And the winner is… Compliance!”

Disclaimer: My comments below are based upon quotes from both Twitter and The Times of London on the UK’s TalkTalk breach; as a result the subsequent investigation and analysis may find that some of the assertions are in fact incorrect. I will post clarifying statements should this happen to be the case. I am not … Read More