Webroot Provides DNS Web Filtering for Guest WiFi
Feb14

Webroot Provides DNS Web Filtering for Guest WiFi

Webroot has expanded its SecureAnywhere DNS filtering service to include guest WiFi networks. The new service uses the firm’s domain layer security and content filtering service and ensures high availability of WiFi access via Webroot’s DNS global servers. Businesses are now under pressure to provide free Wi-Fi access throughout their establishment, with many customers choosing businesses based on whether WiFi access is provided. However, Wi-Fi networks can be hijacked and hacked placing customers at risk. Businesses also need to take care to ensure that their WiFi connections are not abused and used for illegal activities such as copyright infringing downloads and the accessing of criminally obscene website content. Webroot’s cloud-based SaaS has been developed to solve the problem and allows businesses to easily provide clean, safe, and secure WiFi access to guests. The solution has been developed to be easy to implement and use, even by those with little technical ability. Setting up content filtering on WiFi networks requires a minor change to DNS settings to redirect guest...

Read More
Healthcare Industry Scores Poorly on Employee Security Awareness
Feb13

Healthcare Industry Scores Poorly on Employee Security Awareness

A recent report published by security awareness training company MediaPro has revealed there is still a lack of preparedness to deal with common cyberattack scenarios and privacy and security threats are still not fully understood by healthcare professionals. For MediaPro’s 2017 State of Privacy and Security Awareness Report, the firm surveyed 1,009 US healthcare industry employees to assess their level of security awareness. Respondents were asked questions about common privacy and security threats and were asked to provide answers on several different threat scenarios to determine how they would respond to real world threats. Based on the responses, MediaPro assigned respondents to one of three categories. Heroes were individuals who scored highly and displayed a thorough understanding of privacy and security threats by answering 93.5%-100% of questions correctly. Novices showed a reasonable understanding of threats, answering between 77.4% and 90.3% of answers correctly. The lowest category of ‘Risks’ was assigned to individuals with poor security awareness, who scored 74.2% or...

Read More
Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal
Feb12

Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal

The cloud security and data protection firm Barracuda Networks Inc., has been acquired by the private equity investment firm Thoma Bravo in a deal worth $1.6 billion. Financing for the acquisition was provided by Goldman Sachs & Co. LLC, Credit Suisse, and UBS Investment Bank. Barracuda will continue to operate as a privately held company. Barracuda shareholders will receive $27.55 per share of common stock they hold. “Thoma Bravo has an excellent history of investing in growing security businesses, and this transaction speaks to the value and strength of Barracuda’s security platform, which helps customers protect and manage their networks, applications, and data. I expect that our employees, customers, and partners will benefit from this partnership,” said BJ Jenkins, chief executive officer of Barracuda. Barracuda currently protects more than 150,000 customers from email, web, and network attacks with its platform used to protect workloads and applications from the full range of malicious attacks. Its cybersecurity solutions can be centrally managed in...

Read More
PhishMe (Now Cofense) Wins Five Cybersecurity Awards
Feb10

PhishMe (Now Cofense) Wins Five Cybersecurity Awards

PhishMe (now Cofense) has collected five 2018 Cybersecurity Excellence Awards for its phishing defense solutions. The Cybersecurity Excellence Awards program is produced by Cybersecurity Insiders in partnership with the Information Security Community on LinkedIn. The awards program recognizes excellence in the field of cybersecurity with awards being given to companies that have demonstrated excellence, leadership, and innovation in information security. This year there were more than 400 entries across 70 different categories. The awards winners were selected based on the strength of their nominations and members of the Information Security Community are required to vote for their best loved products and services. The finalists for the awards were announced on February 1 and the winners on February 7. To even be named as a finalist confirms that a company has developed exceptional products and services that help businesses protect their networks and data against cyberattacks. Cybersecurity Insiders notes that “All winners and finalists reflect the very best in today’s...

Read More
Symantec Offers Solution for Filtering Uncategorized Websites
Feb06

Symantec Offers Solution for Filtering Uncategorized Websites

Organizations that have implemented URL filtering to control the websites that employees are allowed to access can easily filter websites by category. However, not all websites are categorized, which creates a problem with URL filtering. Without a category, applying category controls is not possible. Now, Symantec has offered a solution to the problem. When new websites are created it takes time for categories to be applied and the lag poses problems for URL filtering. The solution chosen by many organizations has been an all or nothing approach. Block all uncategorized websites or allow them to be accessed. When a category is assigned to the sites, they will be subjected to standard filtering controls. The allow all approach could permit malicious websites to be accessed, while the deny all approach means potentially useful websites will be unnecessarily blocked. While IT departments may be willing to accept the latter, it can result in an increase in support calls to the helpdesk. The Blue Coat Web Filter URL database is comprehensive, although the same problem with uncategorized...

Read More
TitanHQ Partners with HTG Peer Groups
Feb04

TitanHQ Partners with HTG Peer Groups

At the HTG Peer Groups Q1 quarterly meeting in Las Vegas, TitanHQ, the leading provider of cloud-based web filtering and anti-spam solutions, announced it has partnered with HTG: The international coaching, consulting, and peer group organization. The new partnership sees TitanHQ become a Gold vendor, with its cybersecurity solutions made instantly available to HTG community members. HTG was formed in 2000 with the aim of helping businesses expand and realize their full potential. HTG consultants provide insights and share wisdom with business leaders to help them create the accountability and structure necessary to make their businesses a success. Through HTG, business leaders can maximize their potential using tried and tested strategic systems. The path to profitability and success inevitably involves some setbacks and having a partner to provide support and guidance through difficult times can make a big difference. Many companies also require help to avoid common problems: problems that can cause significant, and sometimes catastrophic, losses. One area of concern voiced by...

Read More
Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI
Feb02

Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI

The management consulting company HORNE LLP, a business associate of Forrest Health’s Forrest General Hospital, is notifying certain hospital patients that some of their protected health information (PHI) has potentially been obtained by a third party after access was gained to the email account of one of its employees. HORNE provides certain Medicare reimbursement services to Forrest General Hospital and as such, requires access to patients’ PHI. HORNE became aware of an email account breach on November 1, 2017 when it discovered the email account of an employee was being used to send phishing emails. The discovery prompted the shut down of the email account and an investigation into a potential breach was launched. That investigation revealed an unauthorized individual had gained access to the employee’s email account the previous day as a result of the employee responding to a phishing email. The phishing attack was investigated by a third-party investigator to determine the nature and extent of the breach and whether the PHI of any patients had been exposed. The investigation...

Read More
Analysis of Healthcare Data Breaches in 2017
Jan24

Analysis of Healthcare Data Breaches in 2017

A summary and analysis of healthcare data breaches in 2017 has been published by Protenus. Data for the report is obtained from Databreaches.net, which tracks healthcare data breaches reported to OCR, the media, and other sources. The 2017 breach report gives an indication of the state of healthcare cybersecurity.  So how has 2017 been? There Were at Least 477 Healthcare Data Breaches in 2017 In some respects, 2017 was a good year. The super-massive data breaches of 2015 were not repeated, and even the large-scale breaches of 2016 were avoided. However, healthcare data breaches in 2017 occurred at rate of more than one per day. There were at least 477 healthcare data breaches in 2017 according to the report. While all those breaches have been reported via one source or another, details of the nature of all the breaches is not known. It is also unclear at this stage exactly how many healthcare records were exposed. Numbers have only been obtained for 407 of the breaches. There was a slight increase (6%) in reported breaches in 2017, up from 450 incidents in 2016. However, there was...

Read More
Analysis of Q4 2017 Healthcare Security Breaches
Jan22

Analysis of Q4 2017 Healthcare Security Breaches

Q4, 2017 saw a 13% reduction in healthcare security breaches reported to the Department of Health and Human Services’ Office for Civil Rights. There were 99 data breaches reported in Q3, 2017. In Q4, there were 86 security breaches reported. There were 27 healthcare security breaches reported in September, following by a major decline in breaches in November, when 21 incidents were reported. However, December saw a significant uptick in incidents with 38 reported breaches. Accompanied by the quarterly decline in security incidents was a marked decrease in the severity of breaches. In Q3, there were 8 data breaches reported that impacted more than 50,000 individuals. In Q4, no breaches on that scale were reported. The largest incident in Q4 impacted 47,000 individuals.  Largest Q4, 2017 Healthcare Security Breaches   Covered Entity Entity Type Number of Records Breached Cause of Breach Oklahoma Department of Human Services Health Plan 47000 Hacking/IT Incident Henry Ford Health System Healthcare Provider 43563 Theft Coplin Health Systems Healthcare Provider 43000 Theft...

Read More
Summary of Healthcare Data Breaches in December 2017
Jan18

Summary of Healthcare Data Breaches in December 2017

There was a sharp rise in healthcare data breaches in December, reversing a two-month downward trend. There were 38 healthcare data breaches in December 2017 that impacted more than 500 individuals: An increase of 81% from last month.     Unsurprisingly given the sharp increase in reported breaches, the number of records exposed in December also increased month over month. The records of 341,621 individuals were exposed or stolen in December: An increase of 219% from last month.     December saw a similar pattern of breaches to past months, with healthcare providers experiencing the most data breaches; however, there was a notable increase in breaches reported by health plans in December – rising from 2 in November to six in December.   Causes of Healthcare Data Breaches in December 2017 As was the case last month, hacking/IT incidents and unauthorized access/disclosures were the most common causes of healthcare data breaches in December, although there was a notable increase in theft/loss incidents involving portable electronic devices and paper records....

Read More
Fortinet Launches New Operational Technology Security Solution for Critical Infrastructure Organizations
Jan18

Fortinet Launches New Operational Technology Security Solution for Critical Infrastructure Organizations

Cyberattacks on critical infrastructure are becoming much more common. Cybersecurity reports suggest SCADA/ICS security breaches have been experienced by more than 50% of critical infrastructure organizations in the past 12 months alone. Those attacks can result in major disruption to essential services including energy, water, and healthcare. Unfortunately, there are major differences between traditional information technology and operational technology (OT). Consequently, most enterprise-class security solutions do not have visibility into OT systems due to the highly specialized nature of the technology. Without visibility, it is not possible to effectively defend against cyberattacks on OT systems. However, Fortinet has now developed a security solution that addresses the unique challenges of protecting operational technology. Its latest offering unifies the management and administration of both OT and IT via the Fortinet Security Fabric. The Fortinet Security Fabric allows organizations to deploy advanced cybersecurity controls to keep their OT systems, control systems, and...

Read More
Cyren and Carvir Partnership Sees SaaS Web and Email Security Solutions Offered to MSP Partners
Jan10

Cyren and Carvir Partnership Sees SaaS Web and Email Security Solutions Offered to MSP Partners

Cybersecurity firm Cyren has announced it has formed a new distribution partnership with Carvir that will see the firm’s web and email Security SAAS platforms offered to Managed Service and IT Service Providers. Carvir is a leading global distributor of monitoring and managed cybersecurity services for the IT services and MSP channel. Carvir already offers a wide range of cybersecurity solutions to MSPs and IT service providers, although there was a gap in its DNS, email, and web security solutions. Carvir now has more than 500 MSP partners who serve the needs of tens of thousands of business customers by providing managed security services. Over the past eight months Carvir has been searching for a new provider of cloud-based web security services. There was no shortage of powerful web security solutions, but most web security solutions were not MSP friendly, having been developed for enterprises rather than service providers. Many solutions lacked the multi-tenant capability or pricing model required by MSPs. By adding Cyren to our portfolio, we are delivering a superior security...

Read More
Barracuda Networks Acquires Security Awareness Firm PhishLine
Jan03

Barracuda Networks Acquires Security Awareness Firm PhishLine

Barracuda Networks has announced it has acquired the security awareness and anti-phishing training firm PhishLine. The deal will see PhishLine’s training and phishing simulation platform incorporated into the Barracuda range of AI-driven anti-phishing solutions to provide more comprehensive protection for its customers. Technological defenses against spear phishing and phishing help companies to reduce risk to a reasonable level; however, no solution can be 100% effective against the barrage of spam and malicious emails now being sent by threat actors around the globe. Email is now the leading attack vector and highly sophisticated tactics are now used to bypass security controls and target employees. Social engineering techniques are used to fool employees into revealing their login credentials and install malware and ransomware. Security awareness training is therefore an important part of any cybersecurity strategy. Businesses must ensure that the workforce has the necessary skills to identify new threats and take the appropriate action. This is where PhishLine excels. The...

Read More
Email Archiving Service Added to the Cyren Cloud Security Platform
Jan03

Email Archiving Service Added to the Cyren Cloud Security Platform

Cyren, a provider of DNS, email, and web security solutions, has announced the inclusion of a new email archiving service in its Cloud Security Platform. The platform can be used to keep business email messages secure while ensuring compliance with state and federal email retention regulations. Cyren’s Security-as-a-Service platform combines web security, email security, DNS security, cloud sandboxing, and email archiving into a single cloud-based platform that can be accessed, monitored, and managed through a single web-based administration control panel. The new release comes in response to requests by customers to provide complimentary services to the platform related to email management. Being cloud-based, the solution allows additional services to be easily rolled out to customers, something that would not be possible with appliance-based solutions. The latest addition helps organizations meet their email management compliance obligations, safely and securely store vast quantities of emails without the need for on-premises storage, and ensures all messages can be quickly and...

Read More
Whitelist Only Feature Added to Cisco Umbrella
Dec30

Whitelist Only Feature Added to Cisco Umbrella

Cisco has announced it has added a new whitelist only feature to Cisco Umbrella. The whitelist only option allows organizations to restrict Internet access to a small number of secure websites, and block access to the rest of the Internet. User are able to access the whitelist only option via their Umbrella dashboard. When the whitelist only option is set, all domains will be blocked by default and will be inaccessible. Any attempt made by an end user to visit a website that has not been added to the whitelist will be blocked before a connection is made. Any individual that attempts to access an unauthorized website would be presented a block page or the user could be directed to a specific URL. The setting can be applied to an existing rule or a new rule can be created. The whitelist only option can be set for the entire organization, for a particular network, for user groups, individual users or certain devices. The whitelist option will disable category lists and blocklists and will only allow sites to be added via allow lists. The whitelist can be used for domains or URLs....

Read More
Phishing Attack on Colorado Mental Health Institute Sees PHI Exposed
Dec27

Phishing Attack on Colorado Mental Health Institute Sees PHI Exposed

The Colorado Mental Health Institute at Pueblo has discovered one of its employees has fallen for a phishing scam that potentially allowed the attacker to gain access to the protected health information of as many as 650 patients. The Colorado Mental Health Institute at Pueblo is a 449-bed hospital providing inpatient care for patients. The hospital serves patients with pending criminal charges that require competency evaluations, individuals found by the courts to be incompetent to proceed, and individuals found not guilty of crimes due to insanity. The phishing attack occurred on November 1, 2017. The employee inadvertently disclosed login credentials that allowed the attacker to gain access to a state-issued computer. Unauthorized activity on the computer was detected the following day and access to the device was promptly blocked. The forensic investigation did not uncover any evidence to suggest the protected health information of patients had been accessed or stolen, although the possibility of unauthorized access and data theft could not be ruled out with complete certainty....

Read More
Cybersecurity Best Practices for Travelling Healthcare Professionals
Dec27

Cybersecurity Best Practices for Travelling Healthcare Professionals

In its December cybersecurity newsletter, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) offered cybersecurity best practices for travelling healthcare professionals to help them prevent malware infections and the exposure of patients’ protected health information (PHI). Many healthcare professionals will be travelling to see their families over the holidays and will be taking work-issued devices with them on their travels, which increases the risk to the confidentiality, integrity, and availability of PHI. Using work-issued laptops, tablets, and mobile phones in the office or at home offers some protection from cyberattacks and malware infections. Using the devices to connect to the Internet at cafes, coffee shops, hotels, and other Wi-Fi access points increases the risk of a malware infection or man-in-the-middle attack. Even charging portable devices via public USB charging points at hotels and airports can see malware transferred. Not only will malware and cyberattacks potentially result in data on the device being exposed, login credentials can...

Read More
New Malware Detections at Record High: Healthcare Most Targeted Industry
Dec21

New Malware Detections at Record High: Healthcare Most Targeted Industry

Throughout 2017, the volume of new malware samples detected by McAfee Labs has been steadily rising each quarter, reaching a record high in Q3 when 57.6 million new malware samples were detected. On average, in Q3 a new malware sample was detected every quarter of a second. In the United States, the healthcare industry continues to be the most targeted vertical, which along with the public sector accounted for more than 40% of total security incidents in Q3. In Q3, account hijacking was the main attack vector, followed by leaks, malware, DDoS, and other targeted attacks. There were similar findings from the recent HIMSS Analytics/Mimecast survey which showed email related phishing attacks were the greatest cause of concern among healthcare IT professionals, with email the leading attack vector. In Q3, globally there were 263 publicly disclosed security breaches – a 15% increase from last quarter – with more than 60% of those breaches occurring in the Americas. Malware attacks increased 10% since last quarter bringing the total new malware samples in the past four quarters to...

Read More
Email Top Attack Vector in Healthcare Cyberattacks
Dec12

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that participated in the survey have experienced more than a dozen malware or ransomware attacks in the past year. While there are several possible ways that ransomware and malware can be installed, healthcare providers rated email as the number one attack vector. When asked to rank attack vectors, Email was rated as the most likely source of a data breach by 37% of respondents, with the second most likely source of a data breach being ‘other portable devices’, ranked as the main threat by 10% of organizations. 59% of organizations ranked email first, second, or third as the most likely attack vector. In second place was laptops, which were ranked 1, 2, or 3 by 44% of organizations. Given the frequency of email based attacks this year, it is no surprise that healthcare organizations believe...

Read More
SafeDNS Partners with Router Manufacturers to Provide WiFi Control Straight out of the Box
Dec11

SafeDNS Partners with Router Manufacturers to Provide WiFi Control Straight out of the Box

SafeDNS has partnered with router manufacturers to offer safe WiFI access straight out of the box. Most WiFi routers do not incorporate the necessary controls to allow the filtering of Internet content without the addition of a third-party solution or controls applied at the ISP level. When web-filtering solutions are included, they tend to be basic and typically do not include advanced capabilities such as SSL inspection, so are restricted to blocking HTTP sites. As more businesses mover over to HTTPS, these web filtering controls cease to be effective. Cybercriminals are also making the move to HTTPS, so the failure to decrypt, inspect, and re-encrypt traffic could leave businesses and consumers exposed to online threats. Further, most routers with Internet access controls included do not offer the same granular control as third party solutions and custom filtering rules cannot be applied.  Even in a home environment this can cause problems, as it is not possible to apply different settings for individual users. The all or nothing approach means the same restrictions for a...

Read More
880 Patients Potentially Impacted by Baptist Health Louisville Phishing Attack
Dec06

880 Patients Potentially Impacted by Baptist Health Louisville Phishing Attack

Baptist Health in Louisville, KY has notified 880 patients that some of their protected health information has potentially been accessed and stolen by hackers. The security breach was discovered on October 3, 2017, when irregular activity was detected on the email account of an employee. Baptist Health was able to determine that a third party sent a phishing email to the employee, who responded and disclosed login credentials allowing the email account to be accessed. Those login credentials were subsequently used by an unknown individual to gain access the email account. The email account contained the protected health information of 880 patients, although it is unclear whether any of the emails were viewed. The motive behind the attack may not have been to gain access to sensitive information. What is known, is access was used to send further phishing emails to other email accounts. Following the discovery of the breach, Baptist Health responded quickly to limit the potential for harm and disabled the affected email accounts and performed a password reset to prevent further...

Read More
18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised
Dec06

18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised

The Detroit-based Henry Ford Health System has started notifying almost 18,500 patients that some of their protected health information has potentially been accessed by an unauthorized individual. The breach was detected on October 3, 2017 when unauthorized access to the email accounts of several employees was detected. While protected health information was potentially accessed or stolen, the health system’s EHR system was not compromised at any point. All data was confined to the compromised email accounts. It is currently unclear exactly how access to the email accounts was gained. Typically, breaches such as this involve phishing attacks, where multiple emails are sent to healthcare employees that fool them into disclosing their login credentials. An internal investigation into the breach is ongoing to determine the cause of the attack and how the login credentials of some of its employees were stolen. Henry Ford Health System has conducted a review of all emails in the accounts and has determined that 18,470 patients have been affected. The emails contained a range of...

Read More
Survey Reveals Poor State of Email Security in Healthcare
Nov29

Survey Reveals Poor State of Email Security in Healthcare

A recent survey showed 98% of top healthcare providers have yet to implement the DMARC (Domain-based Message Authentication, Reporting & Conformance) email authentication standard. The National Health Information Sharing and Analysis Center (NH-ISAC), the Global Cybersecurity Alliance (GCA), and cybersecurity firm Agari investigated the level of DMARC adoption in the healthcare industry and the state of healthcare email security. For the report, Agari analyzed more than 500 domains used by healthcare organizations and pharmaceutical firms, as well as more than 800 million emails and over 1,900 domains from its Email Trust Network. The report – Agari Industry DMARC Adoption Report for Healthcare – shows that while DMARC can all but eliminate phishing attacks that impersonate domains, only 2% of the top healthcare organizations and fewer than 23% of all healthcare organizations have adopted DMARC. Only 21% of healthcare organizations are using DMARC to monitor for unauthenticated emails, yet those organizations are not blocking phishing emails. Only 2% are protecting...

Read More
TitanHQ Partners with Etihad Stadium to Secure Guest WiFi Network
Nov24

TitanHQ Partners with Etihad Stadium to Secure Guest WiFi Network

TitanHQ has announced it has partnered with the Etihad Stadium in Melbourne and is providing its client-less DNS Internet filtering solution to secure the stadium’s network of more than 700 WiFi access points. As a modern stadium, it was necessary to provide WiFi access to sports fans, but also to ensure that WiFi could be accessed safely and securely. The stadium operators needed to implement security controls to prevent fans from inadvertently downloading malware, visiting phishing websites, or viewing website content that was inappropriate in a public location. A client-based or appliance-based system would have been impractical, so DNS filtering was the natural choice. A DNS-based URL filtering solution would allow accessible web content to be carefully controlled without latency, ensuring fast Internet access speeds could be enjoyed by all visitors to the stadium. The Etihad stadium chose TitanHQ’s WebTitan Cloud for WiFi to protect its 704 high-speed, high-capacity Internet access points spread throughout its 53,359-seater venue and corporate hospitality areas. The Web...

Read More
9,500 Patients Impacted by Medical College of Wisconsin Phishing Attack
Nov21

9,500 Patients Impacted by Medical College of Wisconsin Phishing Attack

A Medical College of Wisconsin phishing attack has resulted in the exposure of approximately 9,500 patients’ protected health information. The attackers managed to gain access to several employees’ email accounts, which contained a range of sensitive information of patients and some faculty staff. The types of information in the compromised email accounts included names, addresses, medical record numbers, dates of birth, health insurance details, medical diagnoses, treatment information, surgical information, and dates of service. A very limited number of individuals also had their Social Security numbers and bank account information exposed. The incident occurred over the space of a week in the summer between July 21 and July 28 when spear phishing emails were sent to specific individuals at the Medical College of Wisconsin. Responding to those emails resulted in the attackers gaining access to email login credentials. Medical College of Wisconsin brought in a computer forensics firm to conduct an investigation into the phishing attack, and while that investigation established...

Read More
Suspected Phishing Attack on UPMC Susquehanna Exposes 1,200 Patients’ PHI
Nov20

Suspected Phishing Attack on UPMC Susquehanna Exposes 1,200 Patients’ PHI

UPMC Susquehanna, a network of hospitals and medical centers in Williamsport, Wellsboro, and Muncy in Pennsylvania, has announced that the protected health information of 1,200 patients has potentially been accessed by unauthorized individuals. Access to patient information is believed to have been gained after an employee responded to a phishing email. While details of the breach date have not been released, UPMC Susquehanna says it discovered the breach on September 21, when an employee reported suspicious activity on their computer. An investigation was launched, which revealed unauthorized individuals had gained access to that individual’s device. It is not known whether the attacker viewed, stole, or misused any patient information, but the possibility of data access and misuse could not be ruled out. The information potentially accessed includes names, contact information, dates of birth, and Social Security numbers. The individuals potentially impacted by the incident had previously received treatment at various UPMC Susquehanna hospitals including Muncy Valley Hospital,...

Read More
October 2017 Healthcare Data Breaches
Nov16

October 2017 Healthcare Data Breaches

In October 2017, there were 27 healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights. Those data breaches resulted in the theft/exposure of 71,377 patient and plan member records. October saw a significant fall in the number of reported breaches compared to September, and a major fall in the number of records exposed. October saw a major reduction in the number of breached records, with the monthly total almost 85% lower than September and almost 88% lower than the average number of records breached over the preceding three months. Healthcare providers were the worst hit in October with 19 reported data breaches. There were six data breaches reported by health plans and at least two incidents involved business associates of HIPAA-covered entities. October 2017 Healthcare Data Breaches by Covered Entity Type Main Causes of October 2017 Healthcare Data Breaches Unauthorized access/disclosures were the biggest causes of healthcare data breaches in October. There were 14 breaches reported involving unauthorized access/disclosures, 8...

Read More
Cybersecurity in Healthcare Report Highlights Sorry State of Security
Nov15

Cybersecurity in Healthcare Report Highlights Sorry State of Security

Infoblox has released a new cybersecurity in healthcare report which has revealed many healthcare organizations are leaving themselves wide open to attack and are making it far too easy for hackers to succeed. The cybersecurity in healthcare report was commissioned to help determine whether the healthcare industry is prepared to deal with the increased threat of cyberattacks. Healthcare IT and security professionals from the United States and United Kingdom were surveyed for the report The report highlighted the sorry state of cybersecurity in healthcare and revealed why cyberattacks so commonly succeed. Devices are left unprotected, outdated operating systems are still in use, many healthcare organizations have poor visibility into network activity, employees are not being trained to identify threats, and there is apathy about security in many organizations. The Poor State of Cybersecurity in Healthcare The use of mobile devices in hospitals has increased significantly in recent years. While the devices can help to improve efficiency, mobile devices can introduce considerable...

Read More
Ursnif Trojan Steals Contacts and Sends Spear Phishing Emails
Nov13

Ursnif Trojan Steals Contacts and Sends Spear Phishing Emails

The banking Trojan Ursnif, one of the most commonly used banking Trojans, has previously been used to attack financial institutions. However, it would appear the actors behind the malware have broadened their horizons, with attacks now being conducted on a wide range of organizations across many different industries, including healthcare. The new version of the Ursnif Trojan was detected by researchers at security firm Barkly. The malware arrived in a phishing email that appeared to have been sent in response to a message sent to another organization. The spear phishing email included the message thread from past conversations, suggesting the email account of the contact had been compromised. The email contained a Word document as an attachment with the message “Morning, Please see attached and confirm.”  While such a message would arouse suspicion if that was the only content in the email body, the inclusion of the message thread added legitimacy to the email. The document contained a malicious macro that ran Powershell commands which tried to download the malicious payload;...

Read More
How Can Healthcare Organizations Prevent Phishing Attacks?
Nov07

How Can Healthcare Organizations Prevent Phishing Attacks?

The threat from phishing is greater than ever before. Healthcare organizations must now invest heavily in phishing defenses to counter the threat and prevent phishing attacks and the theft of credentials and protected health information. Phishing on an Industrial Scale More phishing websites are being developed than ever before. The scale of the problem was highlighted in the Q3 Quarterly Threat Trends Report from Webroot. In December 2016, Webroot reported there were more than 13,000 new phishing websites created every day – Around 390,000 new phishing webpages every month. By Q3, 2017, that figure had risen to more than 46,000 new phishing webpages a day – around 1,385,000 per month. The report indicated 63% of companies surveyed had experienced a phishing related security incident in the past two years. Phishing webpages need to be created on that scale as they are now detected much more rapidly and added to blacklists. Phishing websites now typically remain active for between 4-6 hours, although that short time frame is sufficient for each site to capture many users’...

Read More
New Study Reveals Lack of Phishing Awareness and Data Security Training
Nov03

New Study Reveals Lack of Phishing Awareness and Data Security Training

There is a commonly held view among IT staff that employees are the biggest data security risk; however, when it comes to phishing, even IT security staff are not immune. A quarter of IT workers admitted to falling for a phishing scam, compared to one in five office workers (21%), and 34% of business owners and high-execs, according to a recent survey by Intermedia. For its 2017 Data Vulnerability Report, Intermedia surveyed more than 1,000 full time workers and asked questions about data security and the behaviors that can lead to data breaches, malware and ransomware attacks. When all it takes is for one employee to fall for a phishing email to compromise a network, it is alarming that 14% of office workers either lacked confidence in their ability to detect phishing attacks or were not aware what phishing is. Confidence in the ability to detect phishing scams was generally high among office workers, with 86% believing they could identify phishing emails, although knowledge of ransomware was found to be lacking, especially among female workers. 40% of female workers did not know...

Read More
HIMSS Draws Attention to Five Current Cybersecurity Threats
Nov02

HIMSS Draws Attention to Five Current Cybersecurity Threats

In its October Cybersecurity report, HIMSS draws attention to five current cybersecurity threats that could potentially be used against healthcare organizations to gain access to networks and protected health information. Wi-Fi Attacks Security researchers have identified a new attack method called a key reinstallation (CRACK) attack that can be conducted on WiFi networks using the WPA2 protocol. These attacks take advantage of a flaw in the way the protocol performs a 4-way handshake when a user attempts to connect to the network. By manipulating and replaying the cryptographic handshake messages, it would be possible to reinstall a key that was already in use and to intercept all communications. The use of a VPN when using Wi-Fi networks is strongly recommended to limit the potential for this attack scenario and man-in-the-middle attacks. BadRabbit Ransomware Limited BadRabbit ransomware attacks have occurred in the United States, although the NotPetya style ransomware attacks have been extensive in Ukraine. As with NotPetya, it is believed the intention is to cause disruption...

Read More
Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017
Oct27

Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017

As recent healthcare breach notices have shown, phishing poses a major threat to the confidentiality of protected health information (PHI). The past few weeks have seen several healthcare organizations announce email accounts containing the PHI of thousands of patients have been accessed by unauthorized individuals as a result of healthcare employees responding to phishing emails. Report Shows Massive Rise in Phishing Attacks Using Malicious URLs This week has seen the publication of a new report that confirms there has been a major increase in malicious email volume over the past few months. Proofpoint’s Quarterly Threat Report, published on October 26, shows malicious email volume soared in quarter 3, 2017. Compared to the volume of malicious emails recorded in quarter 2, there was an 85% rise in malicious emails in Q3. While attachments have long been used to deliver malware downloaders and other malicious code, Q3 saw a massive rise in phishing attacks using malicious URLs. Clicking those links directs end users to websites where malware is downloaded or login credentials are...

Read More
Employees Sue Lincare Over W2 Phishing Attack
Oct23

Employees Sue Lincare Over W2 Phishing Attack

In February 2017, Lincare Holdings Inc., a supplier of home respiratory therapy products, experienced a breach of sensitive employee data. The W2 forms of thousands of employees were emailed to a fraudster by an employee of the human resources department. The HR department employee was fooled by a business email compromise (BEC) scam. While health data was not exposed, names, addresses, Social Security numbers, and details of employees’ earnings were obtained by the attacker. This year has seen an uptick in W2 phishing scams, with healthcare organizations and schools extensively targeted by scammers. The scam involves the attacker using a compromised company email account – or a spoofed company email address – to request copies of W2 forms from HR department employees. Cyberattacks that result in the sensitive data of patients and consumers being exposed often results in class action lawsuits, although it is relatively rare for employees to take legal action against their employers. Lincare is one of few companies to face a lawsuit for failing to protect employee data. Three former...

Read More
Beazley Publishes 2017 Healthcare Data Breach Report
Oct23

Beazley Publishes 2017 Healthcare Data Breach Report

Beazley, a provider of data breach insurance and response services, has published a special report on healthcare data breaches covering the first nine months of 2017. While hacking and malware attacks are common, by far the biggest cause of healthcare data breaches in 2017 was unintended disclosures. Hacking and malware accounted for 19% of breaches, while unintended disclosures accounted for 41% of incidents. The figures show healthcare organizations are still struggling to prevent human error from resulting in the exposure of health data. As Beazley explains in its report, it is easier to control and mitigate internal breaches than it is to block cyberattacks by outsiders, yet many healthcare organizations are failing to address the problem effectively. “We urge organizations not to ignore this significant risk and to invest time and resources towards employee training.” Beazley notes that the number of cases of employee snooping on records and other insider incidents is getting worse. This time last year, 12% of healthcare data breaches were insider incidents, but in 2017 the...

Read More
Healthcare Phishing Attack Potentially Impacts 16,500 Patients
Oct19

Healthcare Phishing Attack Potentially Impacts 16,500 Patients

Phishing is arguably the biggest data security threat faced by healthcare organizations. The past few weeks have seen several attacks reported by healthcare organizations, with the latest healthcare phishing attack one of the most serious, having affected as many as 16,562 patients. Chase Brexton Health Care reports that the attack occurred on August 2 and August 3, 2017, when multiple phishing emails were delivered to the inboxes of its employees. Phishing attacks commonly take the form of bogus invoices and fake package delivery notifications, although these emails purported to be surveys. After employees completed the surveys they were required to enter their login information. Four employees fell for the scam and divulged their user account credentials. The phishing attack was discovered on August 4 and access to the employees’ accounts was blocked.  However, on August 2 and 3, the accounts of those employees were accessed and the attackers re-route employee payments to their own bank account. While the aim of the phishing attack did not appear to be to gain access to patient...

Read More
Healthcare Data Breaches in September Saw Almost 500K Records Exposed
Oct19

Healthcare Data Breaches in September Saw Almost 500K Records Exposed

Protenus has released its Breach Barometer report which shows there was a significant increase in healthcare data breaches in September. The report includes healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights and security incidents tracked by databreaches.net. The latter have yet to appear on the OCR ‘Wall of Shame.’ In total, Protenus/databreaches.net tracked 46 healthcare data breaches in September. While the total number of breach victims has not been confirmed for all incidents, at least 499,144 healthcare records are known to have been exposed or stolen. The number of records exposed or stolen in four of the month’s breaches has yet to be disclosed. The high number of incidents makes September the second worst month of 2017 for healthcare industry data breaches. Only June was worse, when 52 data breaches were reported. In August, 33 data breaches were reported by healthcare organizations. The report confirms the worst incident of the month was a ransomware attack that saw the records of 128,000 individuals made...

Read More
Network Health Phishing Attack Impacts 51,000 Plan Members
Oct10

Network Health Phishing Attack Impacts 51,000 Plan Members

Wisconsin-based insurer Network Health has notified 51,232 of its plan members that some of their protected health information (PHI) has potentially been accessed by unauthorized individuals. In August 2017, some Network Health employees received sophisticated phishing emails. Two of those employees responded to the scam email and divulged their login credentials to the attackers, who used the details to gain access to their email accounts. The compromised email accounts contained a range of sensitive information including names, phone numbers, addresses, dates of birth, ID numbers, and provider information. No financial information or Social Security numbers were included in the compromised accounts, although certain individuals’ health insurance claim numbers and claim information was potentially accessed. The breach was detected rapidly and the affected accounts were shut down to limit the harm caused. An external cybersecurity consultant was brought in to assess the extent of the attack and perform a forensic analysis to determine whether access to other parts of the network...

Read More
Almost Half of IT Decision Makers Say Cybersecurity Still Not a Priority for Board Members
Oct10

Almost Half of IT Decision Makers Say Cybersecurity Still Not a Priority for Board Members

Fortinet has published the results of its Global Enterprise Security Survey. The report indicates board members are still not taking sufficient interest in cybersecurity, even with the high volume of cyberattacks that are now being reported. The survey was conducted on 1,801 IT decision makers with responsibility/visibility of IT security. The global survey was conducted in 16 countries including the United States, Canada, Germany, France, Australia, India, and the UK. 48% of respondents said they did not believe cybersecurity was a top priority up for discussion by the board, with 77% or respondents believing the board should be scrutinizing IT security much more carefully. IT security is now viewed as a strategic board decision rather than simply an IT investment and a matter for the IT department to deal with. The need for board involvement has been highlighted by the rapid rise in cyberattacks in recent years. 85% of businesses have experienced a security breach in the past two years. The most common attacks involved malware and ransomware. Malware/ransomware attacks had been...

Read More
70% of Employees Lack Privacy and Security Awareness
Oct05

70% of Employees Lack Privacy and Security Awareness

When it comes to privacy and security awareness, many U.S. workers still have a lot to learn. Best practices for privacy and security are still not well understood by 70% of U.S. employees, according to a recent study by MediaPro, a provider of privacy and security awareness training. For the study, MediaPro surveyed 1,012 U.S. employees and asked them a range of questions to determine their understanding of privacy and security, whether they followed industry best practices, and to find out what types of risky behaviors they engage in. 19.7% of respondents came from the healthcare industry – the best represented industry in the study. Respondents were rated on their overall privacy and security awareness scores, being categorized as a hero, novice, or a risk to their organization. 70% of respondents were categorized as a novice or risk. Last year when the study was conducted, 88% of U.S. workers were rated as a novice or risk. Last year, only 12% of respondents ranked as a hero. This year the percentage increased to 30% – A good sign that some employees have responded to...

Read More
SonicWall Reports 524% Increase in Malware Variants in the Past 6 Months
Oct04

SonicWall Reports 524% Increase in Malware Variants in the Past 6 Months

There has been 524% growth in the number of malware variants captured by SonicWall in the past six months and a 57% increase in new malicious files analyzed each day. More than 1,000 new malware variants are now used to attack SonicWall customers each day. The global Wannacry and NotPetya attacks were headline news in 2017 and claimed many victims, but the attacks continued as news coverage died down. New strands of Wannacry and NotPetya malware have been developed and continue to be used to attack organizations that have failed to update and secure their systems. There has also been a significant rise in ransomware cyberattacks on small businesses in 2017. Those attacks can be devastating. A study conducted by Osterman research indicates the number of SMBs forced out of business as a result of ransomware attacks has increased by 22%. With the average cost of a data breach now $3.62 million that comes as no surprise. The massive increase in new malware and ransomware variants places a strain on traditional cybersecurity solutions. The rise in attacks and the high cost of mitigation...

Read More
LightSpeed Systems Incorporates New Options for Filtering SSL and Google Services
Sep28

LightSpeed Systems Incorporates New Options for Filtering SSL and Google Services

One of the biggest challenges for organizations wishing to filter the internet is inspecting encrypted websites without violating the privacy of users. Encryption is important to protect the privacy of web users, but for schools, it poses a challenge. Information such as credit card details need to be protected by encryption, but it is also important for SSL websites to be monitored and web access managed to ensure students are protected. Many schools have problems determining how SSL websites can be decrypted, analyzed, and re-encrypted to protect students with their existing web filter. Schools also want to filter individual YouTube videos, rather than having to block the entire website and prevent students from accessing important educational material. They also want to have visibility into Google searches and block certain searches from generating search results. Similar controls must also be implemented to prevent certain Google images from being displayed. Most schools get around the problem by using proxies, certificates and PAC files, although such measures are not easy to...

Read More
SonicWall Responds to Increasing Cyber Threats with Major Expansion of Cybersecurity Solutions
Sep27

SonicWall Responds to Increasing Cyber Threats with Major Expansion of Cybersecurity Solutions

The massive rise in new ransomware and malware variants, and the increasing sophistication of cyberattacks on businesses have been accompanied by unprecedented innovation at SonicWall, which has rapidly expanded its range of cybersecurity solutions in response to the growing demand for more powerful solutions. SonicWall has now released its new SonicOS operating system, which includes more than 50 new features to enhance security and is the biggest customer-driven release in the history of the company. The SonicOS (v6.5) powers SonicWall’s Automated Real-Time Breach Detection and Prevention Platform. The new release has enhanced threat API capabilities that allow businesses to automate security systems and incorporate third-party intelligence feeds. New wireless features improve connectivity for an increasingly mobile workforce and help security teams enforce their policies across the entire organization. Advanced networking and connectivity capabilities have also been introduced to provide uninterrupted threat protection for connected networks of all types and sizes. The new...

Read More
Webroot Quarterly Threat Trends Report Reveals 1.5 Million New Phishing Sites Created Each Month
Sep22

Webroot Quarterly Threat Trends Report Reveals 1.5 Million New Phishing Sites Created Each Month

Webroot has published its Quarterly Threat Trends Report for Q2, 2017 which highlights the growing threat from phishing. On average, each month in Q2 saw 1.385 million new phishing webpages created each month, although there was a major spike in May when 2.3 million new phishing websites were detected. On average, more than 43,000 new phishing websites are created each day. The quality of the sites has also increased. It is now virtually impossible to tell from the content of the page whether the website is genuine. The websites are highly realistic and use the same imagery, color schemes, logos and graphics as the sites they mimic. The only tell-tale sign that the websites are not genuine are the domain names used. The most commonly spoofed brand is Google. 35% of phishing sites impersonate Google to obtain Gmail and Google Drive credentials. Chase bank is the second most spoofed brand accounting for 15% of sites followed by Dropbox (13%), PayPal (10%), Facebook (7%), Apple (6%), and Yahoo and Wells Fargo (4%). The websites have a common purpose. To fool consumers and business...

Read More
Cyren Collects Two Cybersecurity Breakthrough Awards for Web and Email Security
Sep20

Cyren Collects Two Cybersecurity Breakthrough Awards for Web and Email Security

At this year’s Cybersecurity Breakthrough Awards, Cyren was honored with two awards in the email and web security categories – The only company in this year’s program to collect two awards. The Cybersecurity Breakthrough Awards program was developed to recognize and reward companies that lead the field in IT security and have shown a high level of innovation and have brought exciting, powerful, and reliable cybersecurity products to the market. This year saw more than 2,000 companies and products nominated for the awards with cybersecurity companies from 12 countries competing. Nominees in categories such as email security, web security, threat detection, risk management, APT protection, identity management, mobile security, and risk management were assessed by a panel of independent judges drawn from the information security industry.  Nominees were narrowed down to produce a shortlist of finalists and category winners. Cyren, a provider of web, email, and DNS security solutions, was honored with Hosted Email Security Solution of the Year Award in the email security category....

Read More
Florida Healthy Kids Corporation Announces 2,000 Patients’ Impacted by Phishing Scam
Sep20

Florida Healthy Kids Corporation Announces 2,000 Patients’ Impacted by Phishing Scam

Reports of phishing attacks on healthcare organizations are arriving thick and fast. The latest HIPAA-covered entity to announce it has fallen victim to a phishing scam is Florida Healthy Kids Corporation, an administrator of the Florida KidCare program. On July 25, 2017, phishing emails started to arrive in the inboxes of members of staff, some of whom responded and inadvertently gave the attackers access to the sensitive information of members of the KidCare program. The phishing attack was identified the following day and access to the compromised email accounts was immediately blocked. While the incident was mitigated promptly, the attackers had access to email accounts and data contained in those accounts for approximately 24 hours. During that time, it is possible that the emails were accessed and sensitive information copied, although no reports of abuse of that information have been received and it is not clear whether any information was actually stolen. An analysis of the compromised email accounts revealed the personal information of 2,000 individuals was potentially...

Read More
CyberSecurity Breakthrough Names SonicWall ‘Cybersecurity Company of The Year’
Sep20

CyberSecurity Breakthrough Names SonicWall ‘Cybersecurity Company of The Year’

Each year, CyberSecurity Breakthrough runs an award program that recognizes the efforts and achievements of technology companies, their products, and the people who drive innovation. The awards program covers the full spectrum of cybersecurity solutions including email, web and cloud security, threat detection, fraud prevention, risk management, firewalls, and UTMs across 16 product categories. Each year, the scale of the awards program grows. More than 2,000 nominations were received for this year’s awards program, with companies coming from 12 countries around the world. Those nominations were assessed by a panel of independent expert judges from the cybersecurity community who whittled down the field and selected the companies, products, and people that are having the biggest impact in their respective fields. This year, awards were given to some of the biggest names in cybersecurity including Paloalto networks, Crowdstrike, Proofpoint, Trend Micro, CipherCloud, Avast, and Lookout. There were more than 60 awards issued in this year’s program, with SonicWall chosen as the overall...

Read More
PhishMe Report Shows Organizations Are Struggling to Prevent Phishing Attacks
Sep19

PhishMe Report Shows Organizations Are Struggling to Prevent Phishing Attacks

Organizations are struggling to prevent phishing attacks, according to a recently published survey by PhishMe (now Cofense). The survey, conducted on 200 IT executives from a wide range of industries, revealed 90% of IT executives are most concerned about email-related threats, which is not surprising given the frequency and sophisticated nature of attacks. When attacks do occur, many organizations struggle to identify phishing emails promptly and are hampered by an inefficient phishing response. When asked about how good their organization’s phishing response is, 43% of respondents rated it between totally ineffective and mediocre. Two thirds of respondents said they have had to deal with a security incident resulting from a deceptive email. The survey highlighted several areas where organizations are struggling to prevent phishing attacks and respond quickly when phishing emails make it past their defenses. PhishMe also notes that many first line IT support staff have not received insufficient training or lack the skills to identify phishing emails. Consequently, many fail to...

Read More
5 Months to Notify Patients of Augusta University Medical Center Phishing Attack
Sep18

5 Months to Notify Patients of Augusta University Medical Center Phishing Attack

An Augusta University Medical Center phishing attack has resulted in an unauthorized individual gaining access to the email accounts of two employees. It is unclear exactly when the phishing attack was discovered, although an investigation into the breach was concluded on July 18, 2017. That investigation confirmed access to the employees’ email accounts was gained between April 20-21, 2017. Upon discovery of the breach, access to the email accounts was disabled and passwords were reset. The investigation did not confirm whether any of the information in the accounts had been accessed or copied by the attackers. Patients impacted by the breach have now been notified – five months after the breach occurred. Patients have been informed that the compromised email accounts contained sensitive information such as names, addresses, dates of birth, driver’s license numbers, financial account information, prescription details, diagnoses, treatment information, medical record numbers and Social Security numbers. The amount of information exposed varied for each patient. It is currently...

Read More
Phishing Attack Results in the Exposure of PHI at Morehead Memorial Hospital
Sep18

Phishing Attack Results in the Exposure of PHI at Morehead Memorial Hospital

Morehead Memorial Hospital in Eden, NC has announced two employees have fallen victim to a phishing attack that resulted in an unauthorized individual gaining access to their email accounts. Those accounts contained the protected health information of patients and sensitive information on employees. Upon discovery of the breach, access to the email accounts was blocked and the hospital performed a network-wide password reset. Leading computer forensics experts were hired to assist with the investigation and determine the extent of the breach. The investigation confirmed that access to the accounts was possible and sensitive patient and employee information could have been accessed. While no reports have been received to suggest any information in the accounts has been misused, the possibility of data access and data theft could not be ruled out. The types of information exposed includes names, health insurance payment summaries, health insurance information, treatment overviews, and a limited number of Social Security numbers. Phishing attacks such as this are common. Emails are...

Read More
IWF Blacklist Incorporated into a Category on Cisco Umbrella
Sep08

IWF Blacklist Incorporated into a Category on Cisco Umbrella

Cisco has announced that its users can now quickly and easily block all employees from accessing websites containing images of child sexual abuse. A blacklist of domains and URLs containing images of child abuse is maintained by the UK’s Internet Watch Foundation (IWF). The IWF is a non-profit organization dedicated to removing all online images of child sexual abuse and preventing child sexual content from being accessed via the Internet. The list contains domains and URLs hosted all over the world that have been discovered to contain these sexual images, in addition to non-photographic images of child abuse hosted in the UK. In addition to searching the Internet for illegal sexual images of children, the charity mans a hotline that allows anyone to report websites found to be hosting child sexual images. Those reported URLs and domains are then added to the blacklist. The IWF supplies partners with up-to-date blacklists allowing them to easily block the illegal content via their filtering technologies. Cisco has now partnered with the IWF and has adopted its list and added it as...

Read More
Community Memorial Health System Phishing Attack Reported
Sep07

Community Memorial Health System Phishing Attack Reported

The protected health information of almost 1,000 patients has potentially been accessed as a result of a recent Community Memorial Health System phishing attack. On June 22, 2017, a Community Memorial Health System employee responded to a phishing email and divulged his/her login credentials, allowing an unauthorized individual to gain access to a single email account. The employee realized the mistake the following day and reported the breach to the IT department, which launched an investigation to determine whether any patient information could have been accessed. The email account was discovered to contain a selection of protected health information including patients’ names, medical record numbers, dates of services, and a limited amount of health information. The Social Security numbers of some patients were also potentially compromised. No bank account information or credit/debit card numbers were exposed. The discovery of protected health information in the email account prompted Community Memorial Health System to bring in a computer forensics expert to determine whether...

Read More
New Ransomware and Phishing Warnings for Healthcare Organizations
Aug30

New Ransomware and Phishing Warnings for Healthcare Organizations

Warnings have been issued about a new ransomware variant that is being used in targeted attacks on healthcare organizations and IRS, FBI and Hurricane Harvey themed phishing attacks. Defray Ransomware A new ransomware variant is being used in highly targeted attacks on healthcare organizations in the United States and United Kingdom. Defray ransomware is being distributed in small email campaigns using carefully crafted messages specifically developed to maximize the probability of a response from healthcare providers. The messages claim to have been sent from the Director of Information Management and Technology at the targeted organization and include the hospital’s logos. The documents claim to be patient reports detailing important information for patients, relatives and carers. The messages are being sent to specific individuals in organizations and via distribution lists. The campaigns involve Microsoft Word documents with embedded OLE packager shell objects. Clicking the embedded executable to view the content of the document will see Defray ransomware downloaded. There is...

Read More
Partnerships with Hospitals, Schools and Insurance Firms Fuels Growth at TitanHQ
Aug28

Partnerships with Hospitals, Schools and Insurance Firms Fuels Growth at TitanHQ

TitanHQ has announced it is enjoying sustained growth that has been fueled by new partnerships with hospitals, school districts, and insurance firms who have chosen to secure their wired and wireless networks with the WebTitan web filtering solution and use the firm’s cloud-based anti-spam service to keep their inboxes spam free. Over the course of the past 12 months, TitanHQ has been increasing its healthcare clients. The healthcare industry is being targeted by hackers and ransomware and malware attacks have soared in recent months. Two of the main ways that malware and ransomware is installed is via malicious links in emails and drive-by downloads, which can be blocked with WebTitan. The latest health system to sign up and use WebTitan is the European Hospitals Group – a leading health system in Brussels in Belgium. The multi-lingual hospital group operates two facilities in Uccle and the Etterbeek/European Quarter and employs more than 1,800 staff. The hospital has now implemented WebTitan to prevent web-based malware attacks and to control the content that can be...

Read More
MJHS Phishing Attack Result in the Exposure of 28,000 Individuals’ PHI
Aug24

MJHS Phishing Attack Result in the Exposure of 28,000 Individuals’ PHI

There has been a spate of phishing attacks on healthcare organizations in the past few weeks. The increased threat of attacks prompted the Department of Health and Human Services’ Office for Civil Rights to issue a warning to healthcare organizations, urging them to improve their defenses by conducting regular security awareness training sessions for employees. Phishing is the number one attack vector for delivering malware and successful attacks can result in the theft of considerable amounts of sensitive data. Email accounts contain a wide range of sensitive data on patients – information that can be used to commit identity theft and medical fraud, although oftentimes attacks are conducted to gain access to emails accounts for the purposes of spamming. In the case of the phishing attack on MJHS, the motive of the malicious actor is unknown. Fortunately, rapid identification and mitigation of the attack limited the attacker’s window of opportunity. The compromised email accounts were secured before the accounts could be used to send any emails, although it is possible that the...

Read More
Security Awareness Firm Securecast Acquired by Webroot
Aug16

Security Awareness Firm Securecast Acquired by Webroot

Webroot has announced it has completed the acquisition of Securecast – A security awareness and training platform that can be used by businesses to create a security culture and prepare employees for phishing attacks. Webroot already offers businesses a range of solutions to counter the threat from phishing, although even with layered defenses and technological solutions, some phishing emails will slip through the net. It is therefore essential for businesses to ensure that they take steps to address the human factor in phishing attacks and conduct security awareness training, educate employees on cybersecurity best practices, and train staff how to recognize phishing emails. The acquisition of Securecast will allow Webroot to provide a more comprehensive suite of anti-phishing solutions to its customers. The company has rebranded the platform Webroot Security Awareness Training and will make it generally available for all Webroot customers in the fall when it will be incorporated into the Webroot SecureAnywhere® business portfolio. Over the next couple of months Webroot plans to...

Read More
New Web Filter Bypass Controls Incorporated into Web Filter Longhorn
Aug15

New Web Filter Bypass Controls Incorporated into Web Filter Longhorn

The use of a web filter is essential in many industries, especially in education where it is necessary to block access to adult content and images for CIPA compliance. Implementing a web filter can help to ensure users are prevented from accessing certain categories of web content, although there will be many individuals that attempt to bypass web filter controls and gain access to restricted content. There are several publicly available tools that can be used to bypass web filtering controls, and a quick google search is all it takes to find them. Schools need to have visibility into these attempts and ideally, be able to block all attempts to bypass the web filtering controls. When attempts are made to bypass the web filter, instant alerts are required to allow rapid action to be taken to terminate sessions. Preventing the use of blocking tools such as Ultrasurf, Hotspot Shield, and Psiphon can be problematic with many web filters; however, Lightspeed Systems has a solution. In the latest version of Web Filter Longhorn, users are given better visibility to allow them to rapidly...

Read More
SafeDNS Earns AV-Comparative Award for Web Filtering
Aug14

SafeDNS Earns AV-Comparative Award for Web Filtering

The independent testing lab AV-Comparatives conducts extensive tests of anti-virus and other security software to provide businesses and consumers with advice on the top security products. In this year’s tests on parental control and web filtering solutions, SafeDNS was ranked in the top three out of all parental control solutions under test. SafeDNS provides consumers with the ability to carefully control the types of content that can be accessed via their home networks, with the solution also offered to businesses to prevent employees from accessing content not suitable for the office. One of the main uses of the solution at home and in the workplace is to prevent pornography from being accessed – An area where the solution performs particularly well, blocking 99.8% of adult content in the AV-Comparatives test. No other solution under test performed as well at filtering adult content. Following tests in previous years, SafeDNS has made improvements to its category filters in other areas, notably the blocking of gambling sites and weapons-related content. The solution blocked 94%...

Read More
3,400 Patients’ PHI Potentially Compromised in City of Hope Phishing Attack
Aug10

3,400 Patients’ PHI Potentially Compromised in City of Hope Phishing Attack

A phishing attack on City of Hope has resulted in cybercriminals gaining access to the email accounts of four employees. The emails made it past spam filtering controls and were delivered to employees on May 31 and June 2, 2017. Four employees responded to the requests and disclosed their login credentials to the attackers. City of Hope says the emails appeared to have been sent from a trustworthy source. The attackers used the login credentials to access the accounts, although City of Hope was unable to determine the scope or nature of access. On July 21, City of Hope confirmed that three of the accounts contained patients’ protected health information. The protected health information in the emails included names, addresses, email addresses, contact telephone numbers, dates of birth, dates of service, diagnoses, test results, medication information, and other clinical data. No financial information, insurance details, or Social Security numbers were exposed or accessed. Phishing attacks such as this are not always concerned with obtaining protected health information. Oftentimes,...

Read More
Phishing Email Response Compromises PHI of 2,800 Patients
Aug03

Phishing Email Response Compromises PHI of 2,800 Patients

A response to a phishing email has resulted in the PHI of 2,789 Kaleida Health patients being made accessible to cybercriminals. Kaleida Health discovered the attack on May 24, 2017, prompting a full investigation which involved hiring a third-party computer forensic firm. An analysis of its systems showed that by responding to the phishing email, the employee had provided access to his/her email account. While access to Kaleida Health’s EHR was not gained, the email account contained a range of protected health information of a small subset of its patients. The types of data in the account varied for each patient, but may have included names, dates of birth, medical record numbers, diagnoses, treatment and other clinical data. However, no financial information or Social Security numbers were exposed at any time. While access to the email account was possible, no evidence was uncovered to suggest that the emails were accessed or any protected health information was viewed or copied. However, since the possibility of data access could not be ruled out with a high degree of...

Read More
Protenus Provides Insight into 2017 Healthcare Data Breach Trends
Aug03

Protenus Provides Insight into 2017 Healthcare Data Breach Trends

Protenus, in conjunction with Databreaches.net, has produced its Breach Barometer mid-year review. The report covers all healthcare data breaches reported over the past 6 months and provides valuable insights into 2017 data breach trends. The Breach Barometer is a comprehensive review of healthcare data breaches, covering not only the data breaches reported through the Department of Health and Human Services’ Office for Civil Rights’ breach reporting tool, but also media reports of incidents and public findings. Prior to inclusion in the report, all breaches are independently confirmed by databreaches.net. The Breach Barometer reports delve into the main causes of data breaches reported by healthcare providers, health plans and their business associates. In a webinar on Wednesday, Protenus Co-Founder and president Robert Lord and Dissent of databreaches.net discussed the findings of the mid-year review. Lord explained that between January and June 2017 there have been 233 reported data breaches. Those breaches have impacted 3,159,236 patients. The largest reported breach in the...

Read More
Forcepoint Adds New Capabilities to CASB, Web, and Email Security Solutions
Aug01

Forcepoint Adds New Capabilities to CASB, Web, and Email Security Solutions

Forcepoint has announced its security solutions now incorporate new behavior-driven controls to help protect critical business data, intellectual property, and employee devices. Forcepoint CASB, Web Security and Email Security have all been updated and now have new capabilities. New CASB analytics have been incorporated to help organizations reduce the time it takes to identify data breaches. Forcepoint cites Gartner data, which shows the dwell time between an attack and discovery is an average of 99 days. The longer a breach continues before it is discovered and mitigated the higher the cost to the organization. By using data and analytics it is possible to greatly reduce the time between an attack and detection, and thus reduce the cost and damage caused. Forcepoint CASB helps organizations study the actions of users to identify risky behavior and vulnerabilities, allowing IT teams to take action to be taken before a breach occurs. The solution also helps IT teams identify anomalies which are indicative of a data breach and take rapid action to mitigate attacks. The new...

Read More
96% of SMBs Susceptible to External Cybersecurity Threats
Aug01

96% of SMBs Susceptible to External Cybersecurity Threats

Webroot has published the results of a new study that examined how well small to medium sized businesses are prepared to deal with cyber threats. The study revealed the majority of SMBs are not currently equipped to deal with external cybersecurity risks and believe they are susceptible to external cybersecurity threats. 600 IT decision makers in the UK, USA, and Australia were surveyed by Wakefield Research on behalf of Webroot. All respondents were employed by small to medium sized businesses with between 100 and 499 employees. 96% of respondents said they believe their organization will be susceptible to cyber threats this year and while their organization is aware of the current threat landscape and the growing number of threats, 71% of respondents said they are not well prepared to address them. The main concerns are malware infections, mobile attacks, and phishing incidents. 56% of respondents were most concerned about malware, 48% most concerned about threats to company-owned or BYOD mobile devices, and 47% were particularly concerned about phishing. The fallout from a...

Read More
Phishing Scam Fools University of Vermont Medical Center Employees into Revealing Login Credentials
Jul26

Phishing Scam Fools University of Vermont Medical Center Employees into Revealing Login Credentials

A phishing campaign targeting University of Vermont Medical Center (UVMC) has resulted in criminals gaining access to UVMC email accounts. The phishing emails were sent in late May and two employees responded. Doing so allowed the attackers to temporarily gain access to their email accounts. The phishing emails were part of a large campaign sent to many UVMC employees. Fortunately, only two individuals responded. The emails appeared to have been sent from within the organization. The accounts were compromised on May 22, and on May 24 UVMC detected spam emails being sent from the accounts and shut them down to minimise the damage caused. The electronic medical record system was not compromised, although the email accounts did contain protected health information (PHI) such as names, medical record numbers, addresses, details of medications, medical diagnoses and treatment information.  No Social Security numbers, insurance information or financial data were compromised. It is possible that the purpose of the attack was not to gain access to PHI, only to use the email accounts to...

Read More
Rosalind Franklin University of Medicine and Science Phishing Attack Sees PHI Compromised
Jul18

Rosalind Franklin University of Medicine and Science Phishing Attack Sees PHI Compromised

The protected health information of 859 patients of Rosalind Franklin University of Medicine and Science (RFU) has been compromised and potentially been viewed/stolen. The information was stored in two email accounts that were accessed by unauthorized individuals in May. Access to the email accounts was gained after employees responded to phishing emails. The phishing attack occurred on May 10, 2017 prompting a full investigation. The malicious actors behind the phishing scam gained access to one email account for less than a day and the second email account for a period of 9 days. Access to the second email account was blocked on May 19. Third party security experts were brought in to assist with the investigation to help determine the full extent of the security breach. RFU is now certain that unauthorized access to sensitive data has been blocked. Part of the investigation involved checking all messages in the compromised email accounts for protected health information. The investigation confirmed that the compromised PHI was limited to patients’ names, addresses, dates of...

Read More
PHI of 15,000 UC Davis Health Patients Compromised in Phishing Attack
Jul14

PHI of 15,000 UC Davis Health Patients Compromised in Phishing Attack

University of California Davis Health is alerting almost 15,000 patients that their PHI may have been viewed as a result of an employee falling for a phishing scam. The incident occurred on May 15, 2017. A phishing email was sent to a UC Davis Health employee who responded and unwittingly gave the attacker login credentials to his/her email account. That email account was accessed by the attacker on May 17. It is possible that the attacker accessed the employee’s email messages and viewed and/or obtained patients’ PHI. The investigation did not uncover any evidence to suggest that any patients’ PHI was viewed, although it was not possible to rule out the possibility with a high degree of confidence. On May 17, the attacker used the email account to send emails to other staff members requesting bank transfers for large sums of money. The emails were recognized as fraudulent and were reported to the data security team which secured the email account to prevent further access. Since access to the email account was rapidly blocked it is possible that PHI was not viewed or copied by the...

Read More
Symantec to Acquire Fireglass to Improve Protection from Ransomware, Malware and Phishing Attacks
Jul08

Symantec to Acquire Fireglass to Improve Protection from Ransomware, Malware and Phishing Attacks

The cybersecurity giant Symantec acquired the web security firm Blue Coat last year in a deal worth $4.65 billion. That was followed by the acquisition of the identity theft protection company Lifelock in a deal worth $2.3 billion in November. Now the Security software giant has announced a further acquisition: the Israeli cybersecurity startup Fireglass. At this stage the price and terms of the acquisition deal have not been disclosed. The acquisition of Blue Coat has allowed Symantec to move into the enterprise web security market, LifeLock has helped improve its footprint in the consumer market, and the Fireglass acquisition will allow the firm to improve its malware, ransomware, and phishing protection offerings. Tel Aviv-based Fireglass was founded in 2014 and has developed innovative technology that helps companies protect against malware, ransomware, and phishing threats. Phishing emails target a weak point in security defenses: Employees. While email security solutions can be deployed to block these threats from reaching inboxes, many malicious emails are still delivered....

Read More
GFI Software Recognized for Quality of Support and Product Documentation
Jul07

GFI Software Recognized for Quality of Support and Product Documentation

GFI Software has been recognized for the quality of its customer support and product documentation by the Society of Technical Communications (STC). The STC is an international professional association that evaluates technical communications between companies and customers, and assesses the standard of technical support, product documentation, and company training materials. The aim of the STC is to advance technical communications and promote better content and information management via technical processes. The non-profit organization helps businesses improve their technical support across all media to ensure customers can use products safely, securely, effectively and get the best value from their investment. This year, the GFI Software team has collected four STC awards in the international and regional categories of the STC awards program. In the User Support: Help category, GFI Software collected a Distinguished Technical Communication Award and a Best of Show Award in the regional subcategory, with its regional support also competing with the GFI Help System. The GFI Help...

Read More
Symantec Included in Leader’s Magic Quadrant for Secure Web Gateways
Jul03

Symantec Included in Leader’s Magic Quadrant for Secure Web Gateways

The cybersecurity firm Symantec has been included in the leader’s Magic Quadrant for Secure Web Gateways by Gartner. This year, the company is the only solution provider in the leader’s quadrant that offers both cloud-based and on-premise web gateway solutions. Only one other company was included in the leader’s quadrant this year – Zscaler. Zscaler was rated highest for completeness of vision, while Symantec was rated highest for ability to execute. Three companies were included in the Challenger’s Quadrant, and 5 in the Nice Player’s Quadrant. This is the 10th consecutive year that the technology behind Symantec’s secure web gateway has been included in the Leader’s Quadrant. Symantec was included in 2016 and 2017, and as Blue Coat in earlier years. Symantec acquired Blue Coat last year. Gartner assesses companies for their completeness of vision and ability to execute, with the assessment based on 15 different criteria. The combined assessments across those criteria resulted in Symantec receiving the highest rating. Secure web gateways incorporate URL filtering to control the...

Read More
Kenilworth Update Improves Authentication on Smoothwall Web Filter
Jun29

Kenilworth Update Improves Authentication on Smoothwall Web Filter

The latest update to the Smoothwall web filter sees improvements made to authentication and safeguarding, along with the option of adding a Google sign-in button to the login page to allow access with a single click. One of the main features to be added to the Smoothwall’s secure web gateway web filter by the Kenilworth update is the incorporation of IDex identity indexing, which makes the process of authenticating users far simpler. IDex is also a more scalable identity checking mechanism that authentication. IDex does not depend on a connection to domain controllers for authenticating users and there are no delays to user access with this new identification system. At the heart of IDex is the IDex Directory – a database housed on a Smoothwall appliance that contains all the necessary user identity information. IDex Directory records the username, IP address, groups, and logged-in timestamp for each user, and integrates that information with all Smoothwall services that require identity verification. Data are also replicated across nodes. Workstations have the IDex Client running...

Read More
Fortinet Named Leader in Gartner Magic Quadrant for Unified Threat Management
Jun28

Fortinet Named Leader in Gartner Magic Quadrant for Unified Threat Management

For the 8th consecutive year, Fortinet has been named a leader in Gartner’s Magic Quadrant for Unified Threat Management for its SMB multi-function firewalls. The Magic Quadrant is a graphical representation of competitive positioning, broken down into four quadrants with technology providers ranked as leaders, visionaries, niche players, and challengers. Challengers rank highly for their ability to execute in today’s marketplace, yet they lack understanding of the direction the market will move in the future. Niche players lack focus and do not innovate or outperform other companies, yet may still offer products well suited to many businesses. Visionaries have an excellent grasp of the market but are not executing to their full potential. The leader’s quadrant includes companies that execute well against their current vision and have an excellent understanding of the market and where it is going. The Magic Quadrant provides companies with a view of the relative positions of each player in the market and allows them to determine which companies are performing the best and which are...

Read More
Expanded Webroot and ConnectWise Partnership Help Customers Block Web-Based Threats
Jun07

Expanded Webroot and ConnectWise Partnership Help Customers Block Web-Based Threats

Webroot has expanded its partnership with ConnectWise which will see its Webroot SecureAnywhere® DNS Protection platform offered to ConnectWise customers to help them block web-based threats more effectively. Webroot SecureAnywhere® DNS Protection is a web filtering solution that can be used by businesses to carefully control the websites that can be accessed by employees. Webroot uses IPv4 and IPv6 addresses to classify more than 95% of the Internet at least three times a day, with sites added to one or more of the 80 categories used by the platform. Users can select which categories they allow their employees to access with controls applied for specific users, groups, or for the entire organization. In addition to offering category filtering controls the solution also blocks websites known to host malware and phishing websites. Since more than 85% of malware infections occur via the web, by controlling the websites that employees can access it is possible to significantly improve an organization’s security posture and protect against malware, ransomware, keyloggers, and spyware....

Read More
Purple Move on WiFi Security Sets Example for All Public WiFi Deployments
May25

Purple Move on WiFi Security Sets Example for All Public WiFi Deployments

Wireless networks offer many benefits to healthcare organizations. Healthcare professionals can access networks and data from any location using portable devices, without the need to plug in to the network. Many medical devices connect wirelessly to WiFi networks improving clinical workflows. However wireless networks can also introduce risks. If any PHI is transmitted over wireless networks, HIPAA requires appropriate controls to be applied to safeguard the confidentiality, integrity and availability of PHI. If WiFi networks lack appropriate security, unauthorized individuals could intercept WiFi packets and view sensitive data, including protected health information. Securing internal WiFi networks is therefore essential. The failure to secure WiFi networks would place an organization at risk of a HIPAA penalty. The risk of a HIPAA violation or data breach is a real concern for healthcare organizations. Security concerns have prevented many hospitals from offering WiFi access to patients, even though offering WiFi can improve the patient experience. Many healthcare organizations...

Read More
Webroot AV Update Failure Causes Havoc: Windows System Files and EXE Files Quarantined
Apr24

Webroot AV Update Failure Causes Havoc: Windows System Files and EXE Files Quarantined

A Webroot AV update failure has caused havoc for thousands of customers. An April 24 update saw swathes of critical files miscategorized as malicious. While occasional false positives can be expected on occasion, in this case the error was severe. The Webroot AV update failure resulted in hundreds of Windows system files being miscategorized, resulting in serious stability issues. Many users’ servers and PCs were crippled after the automatic update occurred. The problem did not only affect Windows files. Scores of signed executables and third-party apps were blocked and prevented from running. The error affected all Windows versions and saw critical system files categorized as W32.Trojan.Gen. Those files were moved to Webroot’s quarantine folder after the April 24 update. Once the files were moved, users’ computers started to experience severe problems with many displaying errors. In some cases, the moving of system files to the quarantine folder caused computers to crash. In other cases, apps were prevented from running causing major disruption to businesses. Webroot AV also...

Read More
TitanHQ Partnership with ADTRAN Enables MSPs to Deliver Cloud-Based Security Solutions
Apr11

TitanHQ Partnership with ADTRAN Enables MSPs to Deliver Cloud-Based Security Solutions

TitanHQ has announced a new partnership with ADTRAN, the leading global provider of communications and networking equipment. The partnership will see ADTRAN expand its ProCloud Subscription Services Suite to four new solution categories to better meet the needs of managed service providers (MSPs). The ProCloud Subscription Services Suite brings together industry-leading cloud-based solutions to allow MSPs to better meet the needs of their customers. The four solution categories that now comprise the suite of services are ProCloud Unified Communications, ProCloud Analytics, ProCloud Network Management and ProCloud Security. TitanHQ’s cloud-based web filtering solution – WebTitan – and cloud-based spam filtering solution – SpamTitan – have been added to the ProCloud Security solution. WebTitan allows organizations to carefully control the web content that can be accessed by employees while protecting organisations from a wide range of web-borne threats such as phishing websites and downloads of ransomware and malware.  SpamTitan is a full-service email security solution that...

Read More
Phishing Attack Potentially Impacts 80,000 Patients of Washington University School of Medicine
Mar31

Phishing Attack Potentially Impacts 80,000 Patients of Washington University School of Medicine

A phishing attack on the Washington University School of Medicine has resulted in a number of staff members’ email accounts being compromised. Washington University School of Medicine learned of the phishing attack on January 24, 2017, more than seven weeks after the attack occurred. An investigation into the incident revealed the attack occurred on December 2, 2016. Phishing emails use a variety of social engineering techniques to fool end users into revealing sensitive information such as usernames, passwords, or bank details. In this case, the phishing emails were used to obtain login credentials to staff members’ email accounts. Email accounts contain a treasure trove of information. An investigation revealed the compromised accounts contained the protected health information of 80,270 patients. Data in the accounts included patients’ names, dates of birth, medical record numbers, clinical information, medical diagnoses and treatment information. Some patients’ Social Security numbers were also exposed as a result of the attack. The investigation did not uncover any evidence to...

Read More
Web Filter Longhorn Version 3.2.1 Released
Mar30

Web Filter Longhorn Version 3.2.1 Released

Lightspeed Systems has released an updated version of its education industry-focused web filter Longhorn. Version 3.21 of Web Filter Longhorn incorporates a number of enhancements to make monitoring and managing website and mobile traffic easier. The new web filter has been made more powerful, incorporating enhanced SSL decryption and more intelligent user identification to ensure users can be easily identified regardless of where they are accessing the Internet. The Adaptive AI database has also been improved for more accurate categorization of websites, reducing the potential for the overblocking of website content. Other major updates include: Allowing users to prioritize identification methods and select the order that each method of identification will be attempted. The addition of a second level of control for restricting access to YouTube videos. If used, administrators can set the YouTube filter as strict or moderate. Version 3.2.1 now incorporates Bing Safe Search, in addition to Google Safe Search The certificate installation process has been simplified by changing the...

Read More
GFI Software Launches New Email Security and IT Management Platforms
Mar21

GFI Software Launches New Email Security and IT Management Platforms

GFI Software has announced the launch of two new software platforms which have now been finalized after an extensive period of evaluation. Both products have been in beta form since November 2016 and have been tested by a limited group of users who have provided comments and feedback. GFI Software has taken the feedback on board and has made changes to the implementation of certain features to make the products more user friendly. The solutions include enterprise-class IT management features tailored for small business users. GFI OneGuard is an IT management platform that allows sysadmins to manage, monitor, and secure their networks through a single management console. The platform maintains an inventory of all hardware and software and helps keep all software systems up to date by scanning for out of date installations, unpatched systems and vulnerabilities that could potentially be exploited to gain access to networks and data. Beta testers praised the solution for its unified view of patch management, AV protection, and asset tracking and the ability to automate time consuming...

Read More
Smoothwall Inverness Update Sees Improvements Made to Safeguarding and Firewall
Mar14

Smoothwall Inverness Update Sees Improvements Made to Safeguarding and Firewall

The Inverness update to Smoothwall products sees several improvements made to the firewall and Safeguarding features to improve usability. The changes made to the firewall include a new user interface that clearly displays all firewall rules, together with the configuration specified for each. The rules are also displayed in groups of similar rules to make administration easier. Configuring and editing firewall rules has also been simplified with a new pop-up that requires fewer clicks. Objects can be created and used for groups of IP addresses and services, with one rule applying to several different addresses. Objects can also be reused for other rules. Improvements have also been made to the firewall log viewer, incorporating more information on the screen to make it quicker and easier for users to find the information they need. Details of specific connections can also be found more easily thanks to a new log filter system. The web filter benefits from two new filtering categories – Web Hosting and Collaboration Software. The Web hosting category includes sites that offer...

Read More
Citizens Memorial Hospital Latest Victim of W-2 Phishing Scam
Feb17

Citizens Memorial Hospital Latest Victim of W-2 Phishing Scam

Another healthcare provider has announced that one of its employees has been fooled by a W-2 phishing scam. Citizens Memorial Hospital in Bolivar, MO., says a request for W-2 Form data was sent to one of its employees by email. The employee responded to the request believing the message was legitimate and had been sent internally. W-2 Forms for all employees at the 86-bed hospital who had taxable earnings for the 2016 fiscal year were sent via email to the scammers as requested. No announcement has been made about the number of employees impacted by the incident. The hospital discovered it was the victim of a scam the following day. The incident has been reported to both the FBI and the IRS and affected employees have been notified and offered 2 years of identity theft protection services without charge through Experian. The incident is not a HIPAA breach as HIPAA Rules do not apply to employee data. To prevent repeat attacks, Citizens Memorial Hospital will be enhancing its data security education programs. Staff will receive further training to help them identify any further...

Read More
Cisco Launches First Cloud-Based Secure Internet Gateway
Feb09

Cisco Launches First Cloud-Based Secure Internet Gateway

The popularity of Software-as-a-Service (SaaS) applications has grown considerably in recent years. Working practices have changed, and SaaS is well suited to an increasingly mobile workforce. SaaS is certainly not a fad. The use of SaaS is likely to grow considerably over the coming years, with Gartner predicting an increase in SaaS use of 70% by 2018. While branch offices used to connect to the Internet via the corporate network, now many offices are connecting to the Internet directly, which means they bypass many network and Internet security controls. Not only does this increase risk, organizations potentially now lack visibility into threats targeting certain sections of the enterprise. One way organizations have got around this is with the use of virtual private networks (VPNs), although VPNs are not always used by employees. A recent survey conducted by IDG revealed 82% of mobile workers did not always use VPNs. An alternative strategy is to use on-premise web gateway solutions; however, multiple secure web gateways add complexity and latency and are therefore far from an...

Read More
IRS Issues Warning About W-2 Phishing Scams
Feb07

IRS Issues Warning About W-2 Phishing Scams

W-2 phishing scams increased considerably in 2015 prompting the IRS to issue a warning about the risk of attack. Now, just over 4 weeks into 2017, the IRS has issued a further warning in response to the sheer number of W-2 phishing scams that have been reported so far this year. This type of scam – often referred to as business email compromise (BEC) or business email spoofing (BES) – is simple, but highly effective. The attacker sends an email request to a payroll or HR staff member and requests W-2 Form data for the entire workforce by return. Typically, the request is for the W-2 Forms of all individuals who worked in the previous tax year. The information is often asked for in PDF format. The request appears to come from the company’s CEO, CFO, or another high-ranking executive with authority. Payroll and HR employee respond to the email and send data as requested as the email seems genuine. The individual who appears to have sent the request is likely to have a need for the information. Research is conducted on the company by the attackers. They find out the email...

Read More
Email Spam Surged in 2016: 65% of Emails are Spam
Feb03

Email Spam Surged in 2016: 65% of Emails are Spam

Email spam is seen by many as a productivity draining nuisance. It clogs inboxes and takes up precious time; although the volume of malicious spam has grown significantly in the past 12 months. Email spam remains a major security threat. In 2010, following takedowns of botnets and arrests of key spammers, spam email volume fell. Spam email volume has since been relatively low. However, a recent analysis of email traffic by Cisco Systems has shown that spam email volume rose significantly last year. Cisco tracked spam using opt-in customer telemetry and its data show that spam email now accounts for 65% of all emails sent. The sharp rise in email spam has been attributed to the growth of spam botnets such as Necurs. The Necurs botnet is one of the primary vectors used to deliver Locky ransomware and the Dridex banking Trojan. The number of IP connection blocks added to the botnet increased significantly last year. Between August and October, Cisco reports a doubling of IP addresses used by the botnet, rising from around 200,000 to 400,000 IP addresses during that period. In 2010,...

Read More
Hacking and Phishing Attacks Continue to Plague Healthcare Organizations
Feb02

Hacking and Phishing Attacks Continue to Plague Healthcare Organizations

Hacks, phishing attacks, malware, ransomware, insider incidents and W-2 scams – Cyberattacks on healthcare organizations are now coming from all angles. Attacks are also happening much more frequently than in years gone by. The healthcare industry is clearly under attack and is being extensively targeted by cybercriminals. As long as it remains profitable to do so, those attacks will continue. The value of healthcare data may have fallen with a glut of stolen data listed for sale on darknet marketplaces, but large healthcare databases still net cybercriminals considerable profits. Furthermore, cyberattacks on healthcare organizations are easy in many cases due to relatively poor defenses, outdated operating systems, poor patch management practices, and a lack of cybersecurity and anti-phishing training for employees. 2016: A Torrid Year for The Healthcare Industry 2016 may not have been the worst year for healthcare industry data breaches in terms of the number of healthcare records stolen, nor did we see the worst ever healthcare industry data security incident; however, 2016 saw...

Read More
Internet Security as a Service Platform Launched by Cyren
Feb02

Internet Security as a Service Platform Launched by Cyren

Cybersecurity firm Cyren has announced the launch of a new Cyren Cloud Security platform, which combines Internet, email, and DNS security with cloud sandboxing in a single cloud-based platform, with all services accessible through a single pane of glass. Email and web security solutions had previously been developed by Cyren, although both were offered as separate solutions. The combination of these cloud security services into the same platform makes it easier for businesses to implement, configure, and manage the solutions. Cyren Cloud Security 4.0 offers users a single dashboard through which summaries of the web and email threats that have been detected and blocked can be viewed. The dashboard allows administrators to see threat summaries at a glance and drill down for more detailed information. Cyren Cloud Security uses a common policy framework for email and web security services with integrated reporting, license management, and customer onboarding. At the heart of the platform is the Cyren GlobalView Threat Intelligence Cloud, which offers industry leading detection,...

Read More
Kerio Technologies Acquired by GFI Software
Jan20

Kerio Technologies Acquired by GFI Software

GFI Software has announced it has acquired Kerio Technologies, a provider of unified threat management and collaboration software for small to medium sized businesses. The acquisition will see Kerio Technologies’ suite of solutions incorporated into GFI Software’s portfolio of products. Kerio Connect, Kerio Control, Kerio Cloud, and Kerio Operator will now be made available to GFI Software MSPs, resellers, and customers. San Jose, CA-based Kerio Technologies was founded in 1997 and has developed a range of communications and security solutions for small to medium sized businesses. Those solutions have been deployed by more than 60,000 businesses in more than 100 countries around the world. The simple but powerful communication and security tools were available exclusively through an extensive partner network with more than 6,500 resellers. The suite of solutions includes email security, UTM/firewalls, VoIP and collaboration tools and were used by millions of end users around the globe. GFI Software is part of the ESW Capital group of companies and has developed its own range of...

Read More
New Security Categories Added to Cisco Umbrella to Monitor and Block DNS Tunneling
Jan17

New Security Categories Added to Cisco Umbrella to Monitor and Block DNS Tunneling

Cisco has added two new security categories to Umbrella to help customers identify and analyze potentially harmful Internet traffic and security threats. The two new categories – DNS tunneling VPN and Potentially Harmful – help customers mange the risk of DNS tunneling and identify and block data loss. DNS tunnelling allows the data of programs and protocols in DNS responses and queries to be encoded. DNS tunnelling is used by anti-virus and anti-malware programs to obtain signatures to update virus definition lists. While this use of DNS tunnelling is legitimate, malicious actors can similarly use DNS tunnelling to hide outbound traffic – communications between malware and C2 servers or to hide the exfiltration of data. Many organizations do not monitor for this type of traffic, so it can be difficult to detect data loss and malware communications. To help customers identify this malicious traffic, Cisco has incorporated the new DNS tunneling VPN as a security category within Umbrella. Commercial DNS tunneling VPN services can be used to mask or hide traffic as DNS queries,...

Read More
108 L.A. County Employees Fall for Phishing Attack: 756,000 Impacted
Jan03

108 L.A. County Employees Fall for Phishing Attack: 756,000 Impacted

It has taken some time for the County of Los Angeles to announce it was the victim of a major phishing attack, especially considering the attack was discovered within 24 hours of the May, 2016 breach. However, notification had to be delayed so as not to interfere with an “extensive” criminal investigation. The investigation into the phishing attack was conducted by county district attorney Jackie Lacey’s cyber investigation response team. In many cases, cybercriminals are able to effectively mask their identities and it is relatively rare for the individuals responsible for phishing attacks to be identified. Bringing individuals to justice is harder still. All too often the perpetrators are based overseas. In this case, the investigation has resulted in the identification of a suspect: Austin Kelvin Onaghinor, 37, of Nigeria. On December 15, 2016, a criminal arrest warrant for Onaghinor was issued. Onaghinor faces nine charges related to the phishing attack, including theft and misuse of L.A. County confidential information, unauthorized computer access, and identity theft....

Read More
New TitanHQ Partnership Sees Enterprise Anti-Spam Solution Pushed Throughout Middle East
Jan03

New TitanHQ Partnership Sees Enterprise Anti-Spam Solution Pushed Throughout Middle East

TitanHQ has announced a new partnership with Middle-East based cybersecurity firm Zservices. The new collaboration will see TitanHQ’s enterprise anti-spam solution – SpamTitan – pushed to large organizations based in the Middle East, Africa, and India. The new partnership deal was announced during Enterprise Ireland’s trade mission to the Kingdom of Saudi Arabia and the United Arab Emirates. TitanHQ was formed in 1999 in Galway, Ireland and has fast grown into a global cybersecurity solution provider with more than 75 partner offices worldwide. Over almost 20 years, TitanHQ has developed a deep understanding of the complex threat landscape and has developed a range of cybersecurity solutions to protect organizations’ networks from increasingly sophisticated web and email-borne threats. TitanHQ has enjoyed tremendous global success with its anti-spam and web filtering solutions. The affordable, subscription-based security solutions are powerful tools that keep enterprise networks secure from web and email-borne threats. TitanHQ’s SpamTitan, WebTitan, and ArcTitan...

Read More
Phishing Emails Used in 91% of Cyberattacks
Dec14

Phishing Emails Used in 91% of Cyberattacks

A single phishing email is all it may take for a cybercriminal to gain access to a computer network and sensitive data. Even when organizations have developed highly sophisticated cybersecurity defenses, a single spear phishing email can see those defenses bypassed. According to a recent study by PhishMe, 91% of cyberattacks commence with spear phishing emails. For the study, PhishMe assessed response rates from more than 40 million phishing email simulations that were sent to around 1,000 organizations over the past 12 months. The study revealed that even though healthcare organizations conduct security awareness training, healthcare employees have a phishing email response rate of 31%. Cybercriminals use a range of social engineering techniques to fool end users into clicking on malicious links, opening infected email attachments, or revealing sensitive information such as login credentials. End users are often fooled into opening fake order confirmations, job applications, notifications of failed deliveries, security updates, and legal notices, but in many cases the phishing...

Read More
Web Security Gateway Updated by Barracuda
Nov22

Web Security Gateway Updated by Barracuda

Barracuda Networks has announced new updates have been released for its Web Filter Gateways (version 11.0) that provide greater protection from advanced threats and ransomware. Customers can now benefit from Barracuda’s cloud-based microservice – Advanced Threat Detection – which provides greater protection from targeted attacks, including ransomware, thanks to integration with Barracuda Web Filter Gateways. The latest models of the Barracuda Web Security Gateway – models 610 and above – now include dedicated SSL acceleration hardware to speed up SSL inspection of encrypted web traffic. As more sites move to HTTPS, including those created by threat actors, it is essential for encrypted traffic to be inspected since these encrypted connections are now often used to hide inappropriate or malicious content. However, SSL inspection can put a strain on network performance as it is resource intensive. The new SSL acceleration hardware improves performance, doubling the speed of SSL inspection. The Web Filter Gateways now integrate seamlessly with Barracuda NextGen firewalls and...

Read More
Secure Mobile Access 1000 Series OS 12.0 Launched by SonicWall
Nov16

Secure Mobile Access 1000 Series OS 12.0 Launched by SonicWall

As more businesses take advantage of remote workers, and the use of mobile devices grows, businesses seek solutions that provide an equivalent level of protection for remote and mobile workers as can be achieved within an organization’s facilities. SonicWall’s answer is the Secure Mobile Access (SMA) solution which allows security policy enforcement for mobile and remote workers. This week, SonicWall announced it has launched an updated version of its Secure Mobile Access 1000 Series OS. Version 12.0 includes several enhancements to improve security for remote and mobile users, regardless of the data types accessed or devices used to connect to cloud and on-premise resources. The solution offers enforced SSL VPN to essential applications, data and resources regardless of device type or operating system, with access granted only to trusted users with access rights determined by the health metrics of the connecting device and its location. The solution allows up to 20,000 connections per appliance and large enterprises can combined appliances to provide hundreds of thousands of...

Read More
Millennials Pose Significant Risk to IT Security, Reports Forcepoint
Oct26

Millennials Pose Significant Risk to IT Security, Reports Forcepoint

The results from a recently published Forcepoint survey shows millennials are placing the security of their organizations at risk by engaging in risky behaviors. The survey showed millennials were more likely to take short cuts to improve productivity, even though those behaviors placed security at risk. Forcepoint says action needs to be taken now to prevent the attitudes and behaviors of the younger generation from taking hold, especially in government organizations. The failure to address security issues could place U.S government IT systems in jeopardy. The study was conducted on 670 individuals and assessed attitudes and behaviors that increased the risk of cyberattacks, malware infections, and data breaches. The survey showed that millennials were regularly using unsecured WiFi networks for work without the use of VPNs. Password sharing was common, as was the belief that cybersecurity was an issue for IT departments to deal with. The survey suggests millennials believe they are well educated in cybersecurity matters and are confident about their level of security awareness....

Read More
BayState Health Discovers 13,000 Patients Impacted by Phishing Attack
Oct24

BayState Health Discovers 13,000 Patients Impacted by Phishing Attack

Springfield-MA-based Baystate Health has announced that five employees have fallen victim to a phishing scam that has potentially resulted in the exposure of the protected health information of as many as 13,000 patients. Scam emails were sent to a number of Baystate Health employees in August this year. The emails were well-written and realistic and appeared to have been sent internally from the human resources office. The emails appeared to have been sent to advise employees of some important changes to salaries and other important HR importation. However, by following the instructions in the email to view the information, employees inadvertently gave the attackers access to their email accounts and also a Baystate Health database which contained sensitive patient data. An investigation was launched into the phishing attack which revealed that names, demographic information, patient ID numbers, and dates of birth were all potentially been accessed by the attackers. Certain patients’ treatments and diagnoses were also exposed as a result of the scam. The investigation did not...

Read More
TitanHQ Protects McDonalds Restaurants from Malicious Email Messages
Oct15

TitanHQ Protects McDonalds Restaurants from Malicious Email Messages

TitanHQ has announced a new partnership with McDonalds (Phillipines) to protect employees from phishing attacks and emails used to spread malware and ransomware infections. TitanHQ has now completed rolling out its award-winning anti-spam solution – SpamTitan – and is now protecting McDonalds employees across the 500+ McDonalds restaurants throughout the Philippines. While international law enforcement operations have successfully taken down major spamming botnets and there has been a reduction in spam messages as a result, spam email remains a major attack vector. In fact, figures from the Anti-Phishing Working Group (APWG) show that phishing attacks are on the increase. APWG recently announced that there are now more phishing attacks taking place than at any other time in history. While phishing and other malicious emails used to be relatively easy to identify, cybercriminals have added a new level of sophistication to their phishing attacks. It is becoming increasingly difficult for employees to identify phishing emails; therefore, a technological solution is required to prevent...

Read More
GFI Software Launches Customer Loyalty Program
Sep01

GFI Software Launches Customer Loyalty Program

The email archiving and cybersecurity solution provider GFI Software has announced it has launched a new customer loyalty program called GFI Prime. Customers qualifying for GFI Prime will be given benefits as a reward for choosing GFI Software as their cybersecurity or email archiving partner and will be able to select at least one additional product from the GFI Software range and install and use the solution free of charge. The program rewards customers who have been using qualifying GFI Software products for more than a year. From September 1, 2016, customers qualifying for the GFI Prime loyalty program will be able to install one additional GFI software product immediately. When customers take out a new plan over multiple years, or renew a multi-year license or subscription, they will be allowed to install an additional GFI Software product without charge. GFI Software notes that the additional products will continue to be provided free of charge as long as licenses or subscriptions to qualifying GFI Prime products continue to be renewed. Existing customers can check...

Read More
SafeDNS Enhances Web Filter to Improve Detection of Malicious Resources
Aug01

SafeDNS Enhances Web Filter to Improve Detection of Malicious Resources

SafeDNS, a provider of web filtering solutions for home and business users, has launched a new version of its platform featuring new proprietary technology that has significantly improved the detection of malicious websites. Since the new technology was implemented, detection of malware and other malicious websites and webpages by SafeDNS has increased by 66%. The solution is now able to accurately detect 98% of malicious websites. Many web filtering solutions rely on blacklists of known malicious websites to determine whether access to page content should be granted. Unfortunately, solutions that only rely on blacklists fail to block a large percentage of phishing websites and sites containing malware and exploit kits, as there is often a significant delay between the creation of a malicious website and its inclusion on a blacklist. The new SafeDNS system places less reliance on static lists and instead maintains its own list of websites based on its own analyses of sites. Multiple new methods of assessing websites have been incorporated into the latest version of the platform...

Read More
Forcepoint Introduces New Technology to Secure Connections for Roaming Workers
Aug01

Forcepoint Introduces New Technology to Secure Connections for Roaming Workers

IT teams may be able to secure their wired and wireless on-premises networks, although it is much harder to secure users’ connections to the Internet when they are outside the corporate network and connect to the Internet via wireless hotspots. Organizations with a high percentage of remote or mobile workers often struggle to secure employees’ devices and provide secure, reliable access to data via third-party networks and public Wi-Fi hotspots. A highly mobile workforce is now becoming the norm with more workers now accessing networks remotely, and that calls for technological solutions to ensure devices and data remain secure.  Unfortunately, while many cloud-based security solutions can be deployed to reduce risk, many do not give IT security teams visibility in the actions taken by remote workers. Many solutions also mask the users’ true locations, which means it is not possible to access localized content and neither enforce geofencing controls. Forcepoint has now developed a solution that helps organizations improve security for a mobile workforce and ensure visibility into...

Read More
New Blue Coat Appliance Gives Organizations Better Visibility into Encrypted Traffic
Jul31

New Blue Coat Appliance Gives Organizations Better Visibility into Encrypted Traffic

Malicious actors are increasingly using SSL traffic to hide malware according to security researchers at Blue Coat Systems. The use of SSL/TLS encrypted sites is growing due to concern about the privacy of website visitors. While SSL/TLS offers increased security, it also gives malicious actors the opportunity to hide malware, command and control center communications, and data exfiltration. The threat is rising at an alarming rate. Blue Coat researchers identified 58 times as many SSL-cloaked C&C channels and 200-fold rise in C&C servers using SSL in 2015. While organizations have implemented URL filtering and secure web gateways to protect their networks from malware, many solutions do not have visibility into encrypted traffic. Many organizations find that security appliances that can decrypt and re-encrypt SSL traffic are not without their issues. The capacity of some appliances and filtering solutions reduces by as much as 80% when configured to inspect SSL traffic, meaning SSL inspection must be turned off or capacity needs to be expanded. Blue Coat’s solution is a...

Read More
Smoothwall Releases Glamis Product Update
Jul05

Smoothwall Releases Glamis Product Update

The latest product update from Smoothwall – named Glamis – sees several changes to improve speed and usability of its system, with key changes made to safeguarding, malware detection, and reporting. New filtering categories have been added to the Guardian web filter engine covering ‘APIs and web libraries’ (excluding CDNs), and ‘Computing’. Computing covers the websites of tech companies, sites relating to programming languages, and news from the computer industry. Note that this category excludes computer games, which are covered by the online games and computer games categories. The web filter also sees Smoothwall change its malware detection engine to Bitdefender. Bitdefender often tops industry malware detection lists and was chosen for the excellent level of protection it provides and the comprehensive range of file types covered. Other advantages are an increased maximum file size that can be scanned (1GB). The update to the malware detection engine requires the downloading of Bitdefender signatures. This will happen automatically, but the download will take serval minutes to...

Read More
Symantec Announces Acquisition of Web Security Firm Blue Coat in $4.65 Billion Deal
Jun12

Symantec Announces Acquisition of Web Security Firm Blue Coat in $4.65 Billion Deal

In a deal worth approximately $4.65 billion in cash, Symantec will acquire the web security firm Blue Coat Inc.  The Boards of Directors at both companies have approved the acquisition and the deal is expected to go through in Q3, 2016. Blue Coat currently has the largest share in the web security market and has GAAP revenue for the fiscal year ending on April 30, 2016 of $598 million and non-GAAP revenue of $755 million. The company has developed an extensive portfolio of technologies and has developed a Cloud Generation Security platform that is being used by more than 15,000 customers. The company continues to develop new products and expand its customer base and has achieved year-on-year growth of 17%. Under the deal, Blue Coat Chief Executive Officer Greg Clark will become the CEO of Symantec and will join the Symantec Board. The acquisition will help Symantec maintain is position as a leader in the field of cybersecurity, with its customers protected from a much wider range of cyberthreats. Symantec will be able to offer best-in-class protection, detection, and remediation of...

Read More
Verity Health System Victim of Phishing Attack
Jun03

Verity Health System Victim of Phishing Attack

Verity Health System has fallen victim to a phishing attack resulting in sensitive employee data being emailed outside the company. Employee names, addresses, Social Security numbers, amount earned in the financial year, and details of tax withheld have been disclosed to the attacker. The breach only affected past and present employees who would have received a W-2 for the past financial year. No patient data was compromised in the breach. An email was received on April 27, 2016., which appeared to have been sent from an individual inside the organization. The email asked for information on Verity employees, which was sent as requested. The scam was discovered just over three weeks later. The Oregon-based healthcare provider is one of a large number of companies that have fallen victim to this kind of scam this year. These phishing attacks are often referred to as business email compromise scams, although internal email accounts are not always compromised. Oftentimes, attackers purchase a similar domain to that used by the targeted organization. The letter ‘I’ could be replaced...

Read More
TitanHQ Receives Red Herring Top 100 Europe Award
Jun01

TitanHQ Receives Red Herring Top 100 Europe Award

TitanHQ has picked up a ‘Top 100’ Award at this year’s Red Herring Europe Awards – one of the most prestigious awards for technology companies. The Red Herring Awards are an annual event where private technology ventures are honored for their innovation, potential, track record and financial performance. Each nominated company is comprehensively assessed on 20 criteria, including market footprint, quality of management, proof of concept, innovation and execution of strategy. While many awards recognize the potential of a company, the Red Herring panel of judges looks more deeply at a company, giving an unparalleled insight into the best technology vendors, not just their products by the ability to develop them into industry-leading offerings. The detailed reviews of each company mean the Top 100 Award winners list gives a clear view of the most innovative companies with the greatest potential, providing invaluable information on the hottest prospects for venture investors. This in depth look at the best of the best in the field of technology resulted in the potential of some of the...

Read More
Wyoming Medical Center Phishing Attack Exposes PHI of 3,184 Patients
Apr22

Wyoming Medical Center Phishing Attack Exposes PHI of 3,184 Patients

A phishing attack on Wyoming Medical Center of Casper in February has resulted in the exposure of 3,184 patients’ protected health information. Two employees clicked on links contained in phishing emails and compromised their accounts. The first employee to fall for the phishing scam clicked on the link on February 22, 2016, with the second employee falling for the scam three days later. Wyoming Medical Center quickly became aware that email accounts had been compromised because the accounts were used by the attackers to send spam emails to other hospital employees. According to a statement released by hospital spokeswoman Kristy Bleizeffer, access to the email accounts was gained for 15 minutes only. As soon as the intrusion was discovered, IT staff started updating passwords to lock out the attackers. An investigation into the breach did not uncover any evidence to suggest emails were accessed by the attacker. Due to the limited time that the email accounts were compromised it is unlikely that the attackers succeeded in gaining access to the PHI of patients. An investigation into...

Read More
SafeDNS Joins Friendly WiFi Initiative
Apr12

SafeDNS Joins Friendly WiFi Initiative

Parental control and web filtering company SafeDNS has been accredited as ‘Wi-Fi Friendly’ and is now an approved vendor of web filtering solutions that ensure minors can access the Internet safely and securely. The Friendly WiFi Initiative is the world’s first public Wi-Fi accreditation scheme, which was devised by RDI (UK) Holdings in conjunction with the UK government and the UK Council for Child Internet Safety. The aim of the initiative is to encourage businesses that offer Wi-Fi access to their customers, clients, and patrons to ensure only family friendly websites can be accessed via their networks. This is of particular importance in locations where minors may visit, such as coffee shops, restaurants, venues, hospitals, and libraries. To be accredited, an organization’s web filtering solution is subjected to stringent tests to ensure it is effective at blocking access to obscene images and other adult and undesirable content. Organizations that pass the assessment can display the Friendly Wi-Fi symbol. Businesses that use a Friendly Wi-Fi Approved Vendor’s solution can...

Read More
Phishing Attack Reported by Metropolitan Jewish Health System Inc.
Apr05

Phishing Attack Reported by Metropolitan Jewish Health System Inc.

Metropolitan Jewish Health System, Inc., (MJHS) is the latest healthcare organization to announce it has fallen victim to a phishing attack. The incident appears to have resulted in one email account being compromised, although an investigation is still ongoing to determine if any other email accounts were also affected. An employee of MJHS responded to a phishing email on January 18, 2016., but the breach was not discovered until January 22, giving the attacker access to the email account for four days. As soon as MJHS learned of the incident the email account was shut down and an investigation was launched. An analysis of the data contained in the employee’s email account revealed 2,483 patients’ protected health information had potentially been compromised. MJHS did not disclose whether emails had been accessed by the attacker, but no reports have been received to suggest any PHI has been used inappropriately. Patients affected by the data breach had previously received medical services from Menorah Center for Rehabilitation and Nursing Care; MJHS Home Care; MJHS Hospice and...

Read More
Smoothwall Framlingham Update Introduces Google as a Directory Service
Mar08

Smoothwall Framlingham Update Introduces Google as a Directory Service

Smoothwall has released its Framlingham update, making several changes to authentication, implementing an easier way to filter the Internet on Chromebooks, as well as enhancements to safeguarding and reporting. Thanks to a new directory type, it is now possible for filtering on Chromebooks to be based on Google Apps memberships without having to use GADS to link an Active Directory to Google. System administrators can map Smoothwall groups to Google groups allowing Smoothwall content filtering policies to be applied to Google groups. Synchronization does not occur automatically when a user logs in via their Google account, instead this is performed on demand via the click of a button. In this release a single domain can be set up although, in future updates, Smoothwall will add support for subdomains to allow group mapping by organizational units. This release also sees improvements made to Connect for Chromebooks, removing several of the setup steps. It is now optional for verification checks against the Google authentication service to be performed, although the verification...

Read More
Staff Email Accounts Compromised in City of Hope Hospital Phishing Attack
Mar07

Staff Email Accounts Compromised in City of Hope Hospital Phishing Attack

A phishing attack on California’s City of Hope Hospital has resulted in four staff email accounts being compromised. Three out of the four compromised email accounts contained a limited amount of protected health information, although the hospital does not believe the attack took place with a view to obtaining patient data. A press release from the Duarte hospital indicates the attack was most probably conducted in order to obtain contact information to use to send spam emails. A forensic data analysis organized by the hospital revealed that, in the majority of cases, patients only had their name and medical record number exposed. Some patients had more data exposed, including their date of birth, email address, telephone number, home address, dates of service, test results, and medical diagnoses. Only one Social Security number was exposed. The City of Hope Hospital phishing attack took place between January 18, and January 24, 2016. It is not clear how long it took security staff at the hospital to discover the attack, although prompt action was taken once the intrusion was...

Read More
SpamTitan Technologies Awarded Ninth VB+ Award
Mar04

SpamTitan Technologies Awarded Ninth VB+ Award

SpamTitan Technologies is celebrating its ninth VBSpam+ award – and thirty-fifth VB award overall – for a high performance in blocking spam emails. Virus Bulletin is a security information service that conducts independent testing on anti-malware and anti-spam solutions. It only distributes VB awards to vendors whose software achieves excellence in preventing web-borne threats – VBSpam+ being the highest award the organization can bestow. The most recent Virus Bulletin anti-spam test took place in January, with sixteen anti-spam solutions undergoing rigorous testing. For the fourth time in a row, SpamTitan Technologies´ anti-spam solution blocked more than 99.9% of spam and, for the third time in a row, it did so without any false positives. Martijn Grooten – responsible for conducting Virus Bulletin´s comparative reviews – commented on the importance of spam filters and how ‘spam filters make the email lives of users a lot easier – and a lot more secure”. Speaking about the performance of SpamTitan Technologies´ anti-spam solution, Martijn said...

Read More
Cyren Collects Cyber Defense Magazine Award for Web Security Platform
Mar04

Cyren Collects Cyber Defense Magazine Award for Web Security Platform

The leading cybersecurity magazine – Cyber Defense Magazine – has announced the winners of the 2016 CDM Awards program, with Cyren Web Security platform named 2016 Best Anti-Malware Solution. Cyren Web Security is a Software-as-a-Service (SaaS) platform that combines web policy control with anti-malware protection, helping businesses to control the categories of websites employees are allowed to access in the workplace and protecting users and endpoints from phishing, malware, ransomware, and other web-based threats. The cloud-based solution has been developed to be quick and easy to deploy, and being cloud-based, requires no software downloads or hardware purchases. The subscription-based DNS filtering solution prevents end users from visiting known and unknown malicious URLs, decrypts, analyzes, and re-encrypts SSL traffic, and blocks outbound calls to threat actors’ C2 servers. Cyren now protects more than 600 million end users from web-based, mobile, and email-based threats and can name major companies such as Google, Dell, Microsoft, and McAfee among its clients. Cyber Defense...

Read More
Investigation Launched into Main Life Health Spear Phishing Attack
Mar03

Investigation Launched into Main Life Health Spear Phishing Attack

Main Line Health has fallen victim to a spear phishing attack that has resulted in the data of employees being sent to a scammer. This is the fourth such case discovered in the past two weeks that has resulted in a breach of employee data. The spear phishing attack was discovered on Tuesday this week, although the spear phishing email was sent to a Main Line Health employee on February 16, 2016. The employee responded to the email request for data in the belief that the email was genuine. The incident went unnoticed until Main Line was made aware of the spate of recent healthcare phishing attacks when an alert was issued by the IRS. The attack prompted Main Line to conduct a review of internal policies and procedures to reduce the risk of future spear phishing attacks being successful, and the company will be enhancing its security procedures. All affected employees have been advised of the exposure of their data and are being offered credit monitoring and identity theft protection services to protect against fraud. Main Line Health CEO, Jack Lynch, issued a warning about the spear...

Read More
Spoofed Email Scam Claims Another Healthcare Victim
Feb24

Spoofed Email Scam Claims Another Healthcare Victim

Just a matter of days after Magnolia Health Corporation, CA., announced one of its employees had fallen for a spoofed email scam and emailed list of employee data outside the company, another healthcare system has made a similar announcement in what appears to be an almost carbon copy data breach. An employee of St. Joseph’s Healthcare System, NJ, received an email request to send a list of employee names, Social Security numbers, and earnings data. A request that is perhaps not unusual in tax season. The email request appeared to have been sent from an internal email address; that of a high ranking company executive. The employee responded by sending a spreadsheet containing the names, social security numbers, and details of 2015/2016 earnings of current employees. However, the email had in fact been sent by a scammer. Over 5,000 employees have had their names and Social Security numbers disclosed. Those employees work at either the St. Joseph’s Regional Medical Center in Paterson, NJ, St. Joseph’s Wayne Hospital in Wayne, NJ, or St. Vincent’s Nursing Home in Cedar Grove, NJ....

Read More
TitanHQ Launches Web Filtering Solution for Hospital Wi-Fi Networks
Feb17

TitanHQ Launches Web Filtering Solution for Hospital Wi-Fi Networks

TitanHQ – a world leader in email and web security solutions – has launched a DNS-based Web filtering solution for hospital Wi-Fi networks. Wi-Fi in hospitals has been acknowledged as a feature that increases patient satisfaction and has been associated with faster patient recuperation. Certainly providing patients with a means of communicating with their families via email and social media makes their stay more bearable. However, providing unfiltered Wi-Fi access to patients can have negative consequences. Patients that spend all day live streaming sports events can eat up bandwidth – preventing other patients from being able to access the Internet at all. Patients can access inappropriate web content in eyeshot of other patients or minors, and – potentially a more serious consequence – is the installation of malware and viruses that may not only infect the user´s device, but also the entire Wi-Fi network. TitanHQ has developed a solution for these potential issues – WebTitan Cloud for Wi-Fi. With Wi-Fi filtering for hospitals, administrators...

Read More
New Version of Rocket Web Filter Released by LightSpeed Systems
Feb16

New Version of Rocket Web Filter Released by LightSpeed Systems

Lightspeed Systems has announced version 3 of its Rocket web filter has now been released. The web filter is one of the leading web filtering solutions used in education to block access to malicious websites and sites containing inappropriate content for minors. The new version of the web filter includes a redesigned, sleek interface for ease of use, a redesigned administrator dashboard, and a wide range of new features designed to improve usability and school network management. The Rocket web filter is an appliance-based web filtering solution that runs on Lightspeed Systems’ proprietary technology, with options for cloud-based filtering also available. The web filter was developed first and foremost for use in education and soon become the go to company for web filtering, thanks to robust filtering controls that do not overblock web content. Version 3 of the Rocket Web Filter improves on its predecessor by increasing filtering speed and improving SSL handling. The latest version has better scalability and also now includes new reporting options, providing traffic reports in real...

Read More
Fortinet Identifies Further Products Vulnerable to FortiGuard SSH Backdoor
Jan22

Fortinet Identifies Further Products Vulnerable to FortiGuard SSH Backdoor

products, which could be used to gain administrative control of certain devices. The backdoor existed in the FortiOS operating system in versions 4.x up to 5.0.7. The FortiGuard SSH (Secure Shell) backdoor had not been intentionally added, instead it was a flaw in its management system which used an undocumented account and hard-coded password. Fortinet reports that the flaw was due to “A feature that was designed with the intent of providing seamless access from an authorized FortiManager to registered FortiGate devices.”  This was therefore different to the security issues with Juniper Networks devices that had a backdoor inserted by a malicious actor. While an independent researcher discovered the flaw, Fortinet said that its own security team had identified the problem and patched it in 2014. FortiOS 4.3.17 and FortiOS 5.0.8 were patched in 2014, and all products running FortiOS versions 5.2 or 5.4 were not vulnerable to the exploit. While the issue appeared to have been addressed, the publication of the exploit prompted Fortinet to investigate other products to determine...

Read More
Phishing Attack Suffered by Brigham and Women’s Hospital
Jan20

Phishing Attack Suffered by Brigham and Women’s Hospital

Boston’s Brigham and Women’s Hospital has alerted patients to a security breach after a phishing attack compromised the email account of a hospital employee. 1,009 patients have been affected by the cyberattack. Phishing Attack Suffered by Brigham and Women’s and Brigham and Women’s Faulkner Hospitals   Late last year, a Brigham and Women’s Hospital employee fell victim to a phishing attack that resulted in the login credentials of an email account being divulged to the attacker. The email account contained a limited amount of PHI of a small percentage of patients of both the Brigham and Women’s and Brigham and Women’s Faulkner Hospitals in Boston. According to a breach notice posted on the Brigham and Women’s Hospital website, only one email account was compromised and the electronic health record system was unaffected. Financial account information, Social Security numbers and health insurance numbers were not compromised in the attack, although affected patients have potentially had the following information disclosed: Name, medical record number, date of birth, date of service,...

Read More
Calculating the Cost of Spear Phishing
Jan17

Calculating the Cost of Spear Phishing

Spear phishing attacks are on the increase and healthcare providers have had to increase spending considerably to deal with the threat and mitigate risk. A recent survey conducted by Cloudmark/Vanson Bourne has helped to quantify the current level of spending on anti-phishing precautions and has produced an estimate of the cost of spear phishing. Spear Phishing: A growing problem for healthcare providers The sending of mass spam emails has long been a tactic used by cybercriminals to get individuals to reveal their login credentials, often indirectly after being fooled into installing malware on their computers. The vast majority of these email campaigns have been poorly written and ill conceived. That said, they have still proved to be effective way of delivering malware, although spam filtering technology has improved considerably in recent years and many of these emails are now being blocked. Cybercriminals have realized that more targeted phishing emails have a much better chance of not only getting past spam filters, but are also more likely to elicit the desired response....

Read More
Telephone Phishing Scam Impacts 21K Blue Shield of California Subscribers
Jan15

Telephone Phishing Scam Impacts 21K Blue Shield of California Subscribers

Blue Shield of California has reported a breach of PHI caused by an employee of a business associate who fell for a telephone phishing scam. Almost 21,000 individuals have been affected by the security breach. Healthcare providers and insurers should conduct staff training to ensure employees are aware of the risk of phishing campaigns delivered by email, but the latest Californian healthcare data breach shows that email is not the only medium phishers are using to obtain the login credentials of healthcare workers. Telephone phishing scams can be just as effective as email phishing campaigns. The latest healthcare security breach occurred at the call center of a business associate of the Blue Shield of California. A member of staff was asked for login details and provided these over the telephone. It is unclear how the caller convinced the individual to disclose this information. The incident affected individuals and Blue Shield Family Plan (IFP) members who took out health insurance coverage between October 2013 and December 2015. After login details were obtained, those...

Read More
Raytheon|Websense Rebrands as Forcepoint
Jan14

Raytheon|Websense Rebrands as Forcepoint

Raytheon|Websense has recently been rebranded. From January 14, 2016 the company will be known as Forcepoint. Forcepoint combines the cybersecurity products of Websense, which was acquired by Raytheon in May 2015, Raytheon – a major U.S. defense contractor, and the next generation firewall solutions of Stonesoft and Sidewinder, which were acquired from Intel Security this month. Forcepoint is a joint venture between Raytheon and Vista Equity Partners. The acquisitions which allow the company to provide a wide range of cybersecurity solutions to address the ever-evolving threat landscape through the transformative technologies of the cloud, mobility and IoT. The company is providing a cloud-centric platform that will safeguard data, networks, and end users. The combination of all services under the same brand will help the firm eliminate some of the inefficiencies of managing separate collections of cybersecurity products. The products of all companies will be combined into a platform solution that offers protection from internal and external threats, combining next generation...

Read More
Smoothwall Web Filter Edinburgh Update Make Use Easier
Jan12

Smoothwall Web Filter Edinburgh Update Make Use Easier

have also been made to the administrative User Interface to make it more aesthetically pleasing. Users will notice several changes to the layout of the administrative User Interface. The main navigation menu has been moved to the top of the page, and the menu system has been changed to allow users to view and navigate between all items in the section showing users exactly where they are in the product. In addition to making navigation easier, the changes will support future product updates. Context-sensitive help is also displayed on the page, providing hints and tips while performing certain actions. When viewing the filtering reporting sections, users will now be able to see the amount of time a user has spent browsing a particular domain. Certificate management has been improved with the creation of a new certificate management page, making it easier for users to create, delete, import, and export certificates. Certificates are included for MITM for decrypting HTTPS sessions to enable content to be filtered, for user facing HTTPS services, and Global Proxy. Establishing a single...

Read More
Study Shows Value of Phishing Simulation Exercises
Dec23

Study Shows Value of Phishing Simulation Exercises

A recent report indicates the probability of members of staff responding to a phishing campaign can be effectively reduced to zero if phishing simulation exercises are completed regularly. The Growing Threat of Healthcare Phishing Attacks The Office for Civil Rights recently issued its first financial penalty to an organization that suffered a data breach after its employees responded to a phishing campaign. The case resulted in University of Washington Medicine agreeing to a $750,000 fine to settle potential HIPAA violations. UWM had already had to cover significant data breach resolution costs after suffering a 90,000-record breach. The fine and data breach costs could potentially have been avoided if staff members had been trained how to identify phishing emails. The healthcare industry is now being targeted by cybercriminals, and phishing is the most commonly used method of gaining access to patient data. Even when multi-million-dollar security defenses are employed to keep networks secure, a single response to a phishing email can be all it takes to compromise the records of...

Read More
Healthcare Email Phishing Scam Claims 946 Victims
Dec09

Healthcare Email Phishing Scam Claims 946 Victims

Even robust data security controls can be easily undone, as discovered by Middlesex Hospital in Connecticut. An email phishing scam was sent to hospital employees and four members of staff responded. This potentially resulted in the perpetrator of the phishing scam being granted access to patient PHI via those email accounts. The security breach was discovered on October 9, 2015. An investigation into the incident revealed that 946 patients had been affected. No financial data or Social Security numbers were accessed as a result of the security breach, although it is possible that patient names, dates of birth, home addresses, medical record numbers, dates of service, prescription information, and medical diagnoses were accessed. According to a statement released by Middlesex Hospital, the data breach did not result in full access to patient medical records being obtained. All patients affected by the data breach have now been sent a breach notification letter advising them of the potential disclosure of their Protected Health Information, and all will be offered free credit...

Read More
WebTitan Gains Accreditation as Friendly Wi-Fi Approved Vendor
Nov11

WebTitan Gains Accreditation as Friendly Wi-Fi Approved Vendor

WebTitan´s Wi-Fi filtering solution has been considered to be of a sufficiently suitable standard to gain accreditation in the UK´s Friendly Wi-Fi scheme. In 2013, the UK´s Prime Minister – David Cameron – announced that a commitment had been received from the UK’s main Wi-Fi vendors that their standard public Wi-Fi service will automatically filter the Internet to comply with the Internet Watch Foundation “watch list” and block access to pornography. The Friendly Wi-Fi Scheme was subsequently created in collaboration with the UK Council for Child Internet Safety (UKCCIS). The motive behind the Scheme is to prevent children and young adults from accessing inappropriate pornographic material themselves and limit accidental exposure to inappropriate material that nearby adults might be viewing in public. “Friendly Wi-Fi” accreditation is given by the Registered Digital Institute to vendors and businesses who commit to protecting minors from exposure to inappropriate web content. TitanHQ has just announced that the company´s WebTitan for Wi-Fi has been accredited by...

Read More
LightSpeed Systems Releases New Device Management Bundle for Windows
Nov10

LightSpeed Systems Releases New Device Management Bundle for Windows

Lightspeed Systems has launched a new Device Management Bundle for Windows that simplifies the management of Windows and non-Windows devices. The new package incorporates web filtering, mobile device management, and classroom management in one convenient package. The system was developed to help administrators manage the increasing number of mobile devices in use in educational institutions, control what those devices can be used for, and apply security controls in case of loss or theft. All controls can be easily set from a single administrator’s panel, with the option of securely delegating certain responsibilities to other users to ease the administrative burden. Through the control panel it is possible to view the screens of all users, set secure filtering policies, set testing policies, manage device features, and apply individual device controls to suit all users, including staff and students. Lightspeed Systems worked closely with Microsoft when developing the Management Bundle for Windows to ensure full compatibility with Windows 10, Microsoft Office 365, and Microsoft...

Read More
SpamTitan Once Again in Top 5 Anti-Spam Solutions
Nov05

SpamTitan Once Again in Top 5 Anti-Spam Solutions

SpamTitan Technologies has been awarded its 34th VB100 Award for the high level at which its anti-spam solution catches potentially malicious emails. Spam emails containing phishing and spearing attacks are one of the main threats to IT security in the healthcare industry. Hackers see employees as the weak link in cyber-defenses and attempt to extract login credentials by sending fake emails asking recipients to reveal security data or click on a link that will install malware onto the network. One of the best lines of defense against phishing and spearing attacks is a spam email blocker, and SpamTitan Technologies is proving its product to be one of the best – beating market rivals such as Fortimail, Sophos, GFI and McAfee on its way to collecting its 34th VB100 award – an award issued by the security information service Virus Bulletin to vendors whose software is proven to prevent web-borne attacks. In the most recent Virus Bulletin test, SpamTitan achieved a 99.96% rating for blocking spam emails, with the software solution returning zero false positives. Martijn...

Read More
How to Spot a Phishing Email
Oct14

How to Spot a Phishing Email

October is National Cyber Security Awareness Month, a time of the year when events are organized and new initiatives are launched to increase cybersecurity awareness and highlight the risk of cyberattacks, computer fraud, phishing campaigns and other data security and privacy issues. When President Obama’s declared October National Cyber Security Awareness Month, his aim was to increase resiliency of the nation in the event of a cyber incident, and great strides have been made already to make his dream a reality. The Cybersecurity Threat is Greater Than Ever Before Unfortunately for healthcare providers, cybercriminals are now upping their game. They are developing ever more sophisticated methods of attack in an effort to gain access to healthcare data. The United States now faces the highest risk of cyberattack and all healthcare providers must now invest heavily in defenses to protect their computer equipment and systems from the onslaught of attacks. One of the commonest methods used by cybercriminals to gain access to healthcare networks is phishing. The perpetrators of...

Read More
Oakland Family Services Phishing Attack Claims 16K Victims
Sep12

Oakland Family Services Phishing Attack Claims 16K Victims

Oakland Family Services, a community outreach organization based in Pontiac, MI, has alerted 16,000 of its patients that some of their Protected Health Information was compromised in an email phishing attack that took place on July 14, 2015. By responding to an apparently legitimate request for information, an employee inadvertently gave the hacker access to data contained in a single email account. The electronic medical record databases were not accessed during the security breach. A press release issued by Oakland Family Services explained that no financial information was exposed in the security breach, although it is possible that patient names, medical ID numbers, service dates and details of the services provided were all potentially accessed. Some emails contained more detailed information on patients, which included health insurance and health plan ID numbers, contact telephone numbers, home addresses, dates of birth, and medical diagnoses. A total of 173 Social Security numbers were also exposed. The data related to patients who had visited Oakland Family Services for...

Read More
Cisco Announces Acquisition of OpenDNS
Aug27

Cisco Announces Acquisition of OpenDNS

Cisco has announced it has acquired the DNS and cybersecurity firm OpenDNS, boosting Cisco’s cloud-based security portfolio. OpenDNS was formed in 2006 as a consumer DNS company, with the firm moving into the realm of cybersecurity in 2012 with the launch of the network security service OpenDNS Umbrella. The firm developed its product portfolio and usability of its Umbrella to allow integration with any security product via the OpenDNS global security network. During the past three years, OpenDNS has partnered with some of the world’s biggest IT security vendors and its cybersecurity offerings are used by many of the world’s top enterprises. Cisco made its intentions to acquire OpenDNS known in June. Now, two months on, it has been announced that OpenDNS is now part of Cisco, although the acquisition process is not expected to close until the end of the first quarter of 2016. The acquisition makes perfect sense for Cisco, allowing the firm to rapidly expand its cloud-based security services and augment its already advanced threat detection capabilities, which now includes DNS-based...

Read More
Fortinet Launches Secure Cloud-Managed Enterprise WiFi Solution
Aug12

Fortinet Launches Secure Cloud-Managed Enterprise WiFi Solution

Fortinet has announced it has made several enhancements to its FortiCloud management system and has also introduced a new range of secure Wireless Access Points (APs) that can be managed entirely in the cloud. The updates and new line is part of the company’s drive to dominate the secure wireless networking market, which has been helped by the recent acquisition of Meru Networks: A leading supplier of wireless local area networks (WLANs) to the education, enterprise, hospitality, and healthcare industries. Wireless LAN solutions are convenient for organizations with facilities in multiple locations; however, deploying WLAN solutions is not without challenges. The architecture is often complex as networks need to be segregated, with separate networks used for guests and employees. Multiple WLAN controllers are often required, with separate security appliances also required, adding to both cost and complexity. The alternative is to use cloud-based WiFi solutions, and while there is now much more choice in this area, security remains a major concern. There are many security challenges...

Read More
SpamTitan Technologies Undergoes Rebranding Exercise – Emerges as TitanHQ
Aug11

SpamTitan Technologies Undergoes Rebranding Exercise – Emerges as TitanHQ

From today, SpamTitan Technologies – one of the world´s leading providers of email and web security solutions – will be known as TitanHQ. To support its continued evolution as a provider of email and web security solutions, SpamTitan Technologies has rebranded as TitanHQ. The company has had seen substantial growth over the past five years due to the release of new products, the introduction of cloud security services and through relationships with partners throughout the world. As the company continues to grow, its leadership has decided on the rebranding as part of its future plans. TitanHQ´s CEO – Ronan Kavanagh – said “As our customers’ needs have evolved so too has our product suite. We have added great new products and product brands such as SpamTitan, WebTitan and ArcTitan. The company continues to respond to consumer demand and this rebrand is part of this response. We now feel it is right to incorporate all of our great products under one umbrella brand which will allow us communicate one core message through one central platform to our customers”....

Read More
GFI Software Publishes New Study Evaluating Email User Habits
Jun24

GFI Software Publishes New Study Evaluating Email User Habits

GFI Software has published the results of its third annual study of the email habits of end users in the United States which has shown the positive and negative impacts of the widespread use of email in businesses and its impact on employees. The survey was conducted for GFI Software by Opinion Matters on 500 US workers from companies employing more than 500 individuals. One of the key findings of the survey is the ‘always-on’ culture is having a negative impact on employees, whose personal lives are being disrupted by work emails. Employees access emails on mobile devices and often view and respond to messages before and after work, at weekends, and during vacations. The problem is also getting worse. 6% more employees are now accessing and responding to work emails outside of working hours than last year. 74% of surveyed U.S. workers said they regularly check their work emails at weekends and 58% of employees said they are now checking work emails at least once a day outside of normal working hours. 54% said they have checked work emails while on vacation and 39% of survey...

Read More
Barracuda Improves Deployment Choices for its Web Filtering Solution
Jun17

Barracuda Improves Deployment Choices for its Web Filtering Solution

While many organizations choose a combined firewall and web filtering solution, in order to balance security with performance, many choose to keep both functions separate. Barracuda Networks has announced that it has now improved its web security deployment choices, allowing customers to choose an integrated firewall/web security solution or run both as separate appliances. “The recent enhancements made to Barracuda’s firewall and web security products allow customers to deploy best-in-class web security architectures, either integrated as a feature of their next-generation firewalls, or integrated as discrete firewall and web security appliances,” said Stephen Pao, GM Security, Barracuda. The Barracuda next generation firewall now has the capability to silently redirect traffic through the web filter without inline connections, with the feature made available on both the Barracuda Firewall and the Barracuda NextGen firewall. Organizations that run the firewall and web filter on separate appliances can gain several performance benefits, since there are different...

Read More
Fortinet Survey Reveals Wireless Network Biggest Concern in Enterprise IT Infrastructure
Jun03

Fortinet Survey Reveals Wireless Network Biggest Concern in Enterprise IT Infrastructure

Fortinet recently commissioned a survey on CISOs, CIOs, CTOs, and head of IT to discover current views on wireless security and the protections put in place by organizations to secure their wireless networks. The survey, conducted in May 2015 on 1,490 qualified IT decision makers, revealed wireless networks were the biggest area of concern and the weakest link in the security chain. From a security standpoint, wireless networks were ranked as the biggest concern by 49% of respondents, compared to the core network which was the biggest concern for just 29% of respondents. The remaining areas of concern were databases (25%), applications (17%) and storage (11%). Almost all of the CIOs that took part in the survey (92%) said insufficient wireless security was a concern. When asked about the security put in place to secure wireless networks, 37% of respondents said they do not even have authentication controls in place on their internal wireless networks. The level of concern therefore comes as no surprise. Further, while internal wireless networks have been set up for staff use, 43%...

Read More
Medical Records Used for Telephone Phishing Scam in Chicago
Jun03

Medical Records Used for Telephone Phishing Scam in Chicago

Cybercriminals are breaking into healthcare IT systems and stealing equipment to gain access to highly valuable Protected Health Information (PHI). With this data criminals can make bogus insurance claims, apply for credit, and obtain medical prescriptions and services. This is not the only way that data is obtained to commit fraud. In Chicago this week, a new telephone phishing scam has been uncovered. As with spear phishing, the perpetrators can be very convincing. With a limited amount of personal information about a person, they are able to obtain much more valuable data, provided they can convince the potential victim to divulge it. The latest scam appears to involve a HIPAA breach, as the criminals have highly intimate knowledge of the victims and information that could only be found in health records. With the latest scam, two patients that have reported being called claim the callers had information that only a hospital or their doctor would know. Not all data breaches provide criminals will a full set of data with which they can use commit any number of crimes. Sometimes...

Read More
Phishing, Spear Phishing and Malware: How Hackers Gain Access to PHI
May31

Phishing, Spear Phishing and Malware: How Hackers Gain Access to PHI

Criminals looking to break through the cybersecurity defenses put in place by health insurers and healthcare providers – to safeguard Protected Health Information (PHI) – can choose an easy or hard way to gain access to the data. Unsurprisingly, many choose the easy route in and exploit one of the largest security vulnerabilities; one that many healthcare providers have failed to address. The end users sitting at a terminal, PC or laptop with access to the network, emails and EHRs. IT staff can build multi-layered defenses and lock servers in impenetrable vaults, yet the army of healthcare workers who have full access to EHRs are an easy way for hackers to sneak through sophisticated defenses, undetected. If end users can be convinced to divulge their login credentials, or even easier, click on a malicious link or download and double click a malware affected attachment, the thieves can be in and out of a system almost as quickly as it takes to copy a database full of patient health records. Fortunately, many tech-savvy healthcare workers will be able to spot a phishing...

Read More
Fortinet Launches FortiGuard Mobile Subscription Service
May28

Fortinet Launches FortiGuard Mobile Subscription Service

Businesses that allow employees to use their own devices at work under BYOD schemes face challenges blocking threats from those devices. They lack visibility and often struggle to control mobile traffic. Wireless networks are becoming more popular in business environments and industry experts predict the popularity of wireless networks will continue to grow. Ultimately, wireless networks will dominate wired networks in enterprises. However, wireless networks pose security risks and security protections must be implemented to identity and block threats. Fortinet has now developed a solution that will improve both visibility and threat protection on wireless networks, especially for personally owned mobile devices used at work under BYOD schemes. The FortiGuard Mobile Security Service offers mobile malware protection and mobile application control for all Apple IOS and Android devices that connect to wireless networks. The FortiGuard Mobile Security Service offers threat protection through Fortinet’s global threat intelligence service, which supplies threat intelligence on both...

Read More
Phishing Attack Causes Partners HealthCare System HIPAA Breach
May01

Phishing Attack Causes Partners HealthCare System HIPAA Breach

Partners Healthcare has announced that it has suffered a HIPPA breach after hackers used a phishing attack to gain access to some of its email accounts. While the company’s EHR system was not compromised, the email accounts did contain some PHI and approximately 3,300 patients are believed to have been affected. Partners Healthcare believes that PHI may not have actually been obtained by criminals as there was no evidence discovered that this was the case, although it is possible that Social Security numbers and some clinical information – including diagnoses, treatments and medical appointments – were accessible through the email account, as were patient names, dates of birth, contact telephone numbers, addresses, medical record numbers and health insurance details. According to the breach notification posted on the company’s website, the attack was discovered on November 25, 2014. A group of user’s accounts were compromised after they received and responded to phishing emails in the belief that they were legitimate. Hackers were subsequently able to gain access to the email...

Read More
Raytheon Acquires Websense in $1.9 Billion Deal
Apr20

Raytheon Acquires Websense in $1.9 Billion Deal

Raytheon, a major U.S defense contractor, has announced it is to acquire Websense Inc from Vista Equity Partners in a deal reported to be worth $1.9 billion. The deal is expected to add an additional 20,000 commercial customers to Raytheon’s portfolio and is expected to close at the end of Q2, 2015. Over the past couple of years there has been a significant increase in cyberattacks on organizations of all sizes from SMBs to multi-national corporations. The increase in frequency of attacks and the level of sophistication of the attackers requires advanced defenses to be deployed to keep networks and data secure. The recent high-profile attacks have prompted many firms to commit more funds to cybersecurity. MarketsandMarkets has estimated there will be an increase of $60 billion in cybersecurity spending over the next four years, and Raytheon is poised to take advantage. Websense has developed Internet security technology for enterprises and governments to protect against web-based threats and block data theft and keep systems and endpoints free from malware. Those solutions will be...

Read More
SpamTitan Launches New Email Archiving Solution for Healthcare
Sep29

SpamTitan Launches New Email Archiving Solution for Healthcare

With the launch of ArcTitan, small and medium sized healthcare organizations now have a cost-effective and secure means of archiving important email correspondence. Although HIPAA does not stipulate that emails containing PHI should be archived, many medical practices and facilities choose to archive email correspondence in order that it can be retrieved at a later date if required. Secure email archiving also enables healthcare organizations to comply with the HIPAA Security Rule regulations relating to maintaining the integrity of PHI and accessibility. However, email archiving does not always come cheap. Many small and medium sized healthcare organizations find that they are many hundreds of dollars per year for archiving solutions that may have limitations or lack the required standard of encryption to be HIPAA compliant. SpamTitan Technologies – a leading provider of anti-spam software – claims that its new email archiving solution, ArcTitan, is different. Due to there being many different types of email servers, ArcTitan has been designed to work with most...

Read More
Gold and Silver Info Security PG Global Excellence Awards for Fortinet FortiGate Platform
Mar07

Gold and Silver Info Security PG Global Excellence Awards for Fortinet FortiGate Platform

It has been a good day for Fortinet at the Info Security Products Guide Global Excellence Awards, with the company collecting a gold and silver award for its UTM and next generation firewalls. Fortinet was awarded the gold medal for its FortiGate-140D-POE Unified Threat Management appliance in the Integrated Security and Unified Threat Management category, and a Silver award for the FortiGate-240D in the Firewall category. The Info Security PG Awards, now in their 10th year, celebrate the best IT and security vendors and their ground-breaking products and security solutions. The prestigious awards are highly coveted with award winners confirmed as having products that set the bar higher for the competition. A panel of 50 expert judges assesses each product on a wide range of criteria, with the scores aggregated to determine the winner in each category.  The winners of this year’s awards were announced at a glittering ceremony in San Francisco on February 24, 2014, attended by finalists, judges, and industry peers. The FortiGate-240D – and the 200D series – are mid-range network...

Read More
AV-Comparatives Rates FortiGuard Top Security Product with Full Marks for Anti-Phishing and Malware Removal
Jan27

AV-Comparatives Rates FortiGuard Top Security Product with Full Marks for Anti-Phishing and Malware Removal

AV-Comparatives has given Fortinet’s FortiGuard full marks in its recent December Summary Report 2013. The Fortinet Advanced Threat Protection (APT) technology was given top marks (3 stars) for anti-phishing, proactive catch rate, file detection, malware removal, and its real-world test. For the report, AV-Comparatives assessed FortiGuard along with 21 other antivirus products for their ability to block malicious software without preventing legitimate content from being accessed. The assessments took place over the course of the year. AV-Comparatives publishes the findings of its research in its annual report and highlights the products that have performed the best and achieved the highest scores across all of the test areas. The reports help businesses choose the most effective anti-virus products. All of the 21 products under test achieved reasonable and acceptable scores in all test areas, although some products provided outstanding protection. Those products were recognized and give awards. AV-Comparatives CEO and Founder Andreas Clementi explained that not all of the products...

Read More
Fortinet Launches FG 280D POE Targeting Smaller Business Networks
Jan13

Fortinet Launches FG 280D POE Targeting Smaller Business Networks

Fortinet has launched a new network security appliance for SMBs and smaller network operations – the FortiGate FG 280D POE. The appliance delivers security for wired and wireless networks, providing comprehensive threat protection through the firewall, VPN, antispam, web filtering, intrusion prevention, data loss prevention, dynamic routing for IPv4 and IPv6, application control, endpoint NAC, and SSL-encrypted traffic inspection. The 84-port device is well suited to organizations with relatively small networks such as small healthcare facilities and retail outlets. Even though considerably smaller than many of its other appliances, it is still a powerful high port density device with firewall throughput of 4GBps, 10 Gigabit Ethernet SFP+, and the capability to handle 3.2 million concurrent sessions. The appliance can help organizations cut out some of the complexity of current systems and eliminate costs. Multiple devices can be connected and managed through PoE ports on the FortiGate appliance, as Fortinet VP of product marketing explained, “By integrating the flexibility of...

Read More