Omnistruct News
Leverage Compliance to Grow Your MSP Business now BY JOINING OUR WEBINAR!
A waterfall of looming cyber checklists from Managed Service Provider customers are becoming increasingly common. New regulations, laws, guidelines, and standards of compliance are driving them. However, the expertise required in areas of risk and privacy are creating operational headaches and creating unnecessary risk when techs consult in areas that are better handled by risk managers and legal teams. We will discuss how the National Institute of Standards and Technology multiple frameworks in privacy and cybersecurity offer relief of risk especially when techs are asked by key accounts about legal compliance and why partnering with a Governance as a Service Provider like Omnistruct works for all involved.
Access Restrictions for Change - Video of the Week
Enterprise Leadership News
Barcode Scanner app on Google Play infects 10 million users with one update
Late last December we started getting a distress call from our forum patrons. Patrons were experiencing ads that were opening via their default browser out of nowhere. The odd part is none of them had recently installed any apps, and the apps they had installed came from the Google Play store. Then one patron, who goes by username Anon00, discovered that it was coming from a long-time installed app, Barcode Scanner. An app that has 10,000,000+ installs from Google Play! We quickly added the detection, and Google quickly removed the app from its store. By Nathan Collier I February 5, 2021
Pandemic Proves to Be Fertile Ground for Identity Thieves
Identity thieves were busier than ever as the pandemic erupted nationwide last year, with reports of identity theft in the U.S. skyrocketing to nearly 1.4 million in 2020, more than double the number a year earlier. By Katherine Skiba I February 5, 2021
Microsoft: Keep your guard up even after Emotet’s disruption
Microsoft warns customers not to let their guard down even after hundreds of Emotet botnet servers were taken down in late January 2021. By Sergiu Gatlan I February 8, 2021
Regulations, Frameworks, and Controls
NIST testing automated delivery of new security controls
Starting this summer, the National Institute of Standards and Technology will begin to automate delivery of revisions to Special Publication 800-53. By Troy K. Schneider I February 08, 2021
NIST posts enhanced requirements for protecting CUI
In the wake of the SolarWinds Orion hack, the National Institute of Standards and Technology has published recommendations for enhanced security requirements that can help organizations protect controlled unclassified information (CUI) against nation-state backed threats. By Justin Katz I February 08, 2021
NIST SP 800-172: Enhanced Guidelines & Standards For CMMC
Previously known as NIST SP 800-171B with drafts released in June 2019 and July 2020, the final version of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-172 arrived in February 2021. By SecureStrux I February 10, 2021
NIST posts enhanced requirements for protecting CUI
In the wake of the SolarWinds Orion hack, the National Institute of Standards and Technology has published recommendations for enhanced security requirements that can help organizations protect controlled unclassified information (CUI) against nation-state backed threats. By Justin Katz I February 08, 2021
Small Business Entrepreneur Cybersecurity News
Protect Your Business Against Cyber Threats with a Top-Rated VPN
Cybercrime doesn't just impact large businesses and unsuspecting individuals. Forty-three percent of all cybercrimes target small businesses because many entrepreneurs overlook the importance of cybersecurity. It's imperative that you protect your business from cybercrime, and one of the easiest ways to do it is to start using a VPN. By Entrepreneur Store I February 8, 2021
How to Protect Your Supply Chain From Cyberattack
Cyberthreats evolve constantly, but one rule endures: hackers will never break down your front door if they can get in through an open window. Most retailers are keenly aware that the credit card and customer data on their networks is a prime target for hackers, and so they barricade access points to their websites and ecommerce systems to ward off intrusion. By Ara Aslanian I February 4, 2021
Enterprise Technical Security That Matters
Packaging giant WestRock is still working to resume after recent Ransomware Attack
Packaging giant WestRock revealed this week that the recent ransomware attack impacted the company’s IT and operational technology (OT) systems. By Pierluigi Paganini I February 6, 2021
WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware
Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. By Ravie Lakshmanan I February 6, 2021
Victims of Ziggy ransomware can recover their files for free
The Ziggy ransomware gang has shut down its operations and released the decryption keys fearing the ongoing investigation of law enforcement. By Pierluigi Paganini I February 8, 2021
Critical Firefox Vulnerability Can Allow Code Execution If Chained With Other Bugs
An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution. By Eduard Kovacs I February 09, 2021
Cyberpunk 2077 bug fixed that let malicious mods take over PCs
CD Projekt Red has released a hotfix for Cyberpunk 2077 to fix a remote code execution vulnerability that could be exploited by third-party data file modifications and save games files. By Lawrence Abrams I February 8, 2021
Zeoticus 2.0 Making Infections Are Now Harder to Control, Contain, and Mitigate
Discovered in early 2020, the Zeoticus ransomware has moved into 2021 with new upgrades focused on speed and efficiency. SentinelOne researchers released a detailed report and technical analysis of the latest version - Zeoticus 2.0. By Cyware I February 11, 2021
Intel Patches Tens of Vulnerabilities in Software, Hardware Products
The chipmaker’s Patch Tuesday updates for February 2021 were described in 19 advisories, including four that cover high-severity vulnerabilities. By Eduard Kovacs I February 10, 2021
MSP News
What Louisiana’s First MSP Regulation Could Mean for the Channel?
Much like in many other industries such as healthcare and financial services, government entities are making initial steps toward managing the IT channel. Resulting from a spike in costly ransomware and phishing scams, the repercussions of insufficient security have many eyes on Managed Service Providers (MSPs). The first-ever state bill, and the federal roll-out of Cybersecurity Maturity Model Certification offer a glimpse into what future IT channel and MSP regulation could look like.How Managed Service Accounts in Active Directory Work
Managed Service Accounts in Windows allow administrators to automate password management for accounts. By Steve Syfuhs I February 4, 2021
House Armed Services Adds Cybersecurity-focused Panel for Technology Oversight
The House Armed Services Committee has formed a new cybersecurity-focused subcommittee to oversee the Department of Defense’s use of cyber, emerging technology and information systems. By D. Howard Kass I February 8, 2021
U.S Election Security Strategy: CISA Head Vows Back to Basics
How the Cybersecurity Infrastructure and Security Agency (CISA), the nation’s cyber central, will deconstruct the swarm of disinformation buzzing federal elections is front and center on the agency’s to-do list, Acting Director Brandon Wales said. By D. Howard Kass I February 8, 2021
Tenable Acquires Microsoft Active Directory Security Company Alsid
Tenable has announced plans to acquire Microsoft Active Directory (AD) security provider Alsid for $98 million in cash. Furthermore, Alsid founders Emmanuel Gras and Luc Delsalle will join Tenable in senior leadership roles focused on the development of AD security solutions. By Dan Kobialka I February 10, 2021
New Known Breaches in the Past Week
Tens of Thousands of Patient Files Leaked in US Hospital Attacks
Patients and employees from 11 hospitals in the US have had their personal information exposed after hackers reportedly published tens of thousands of records online. By Phil Muncaster I February 8, 2021
Web developers SitePoint discloses a data breach
The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. By Pierluigi Paganini I February 7, 2021
Law Firm Data Breach Impacts UPMC Patients
A cyber-attack on a Pennsylvania law firm has potentially exposed the personal health information (PHI) of more than 36,000 patients of University of Pittsburgh Medical Center (UPMC). By Sarah Coble I February 8, 2021
Cyberpunk 2077' game studio says hackers exposed data
Video game company CD Projekt says a cyberattack exposed some of its data, and the intruders left a ransom note claiming they accessed the source code for “Cyberpunk 2077” and other games. By Joe Warminsky I February 9, 2021
PyPI, GitLab dealing with spam attacks
Spammers have inundated the Python Package Index (PyPI) portal and the GitLab source code hosting website with garbage content, flooding both with ads for shady sites and services. By Catalin Cimpanu I Zero Day | February 9, 2021
Lawsuit filed over data breach at Wilmington Surgical Associates
A lawsuit has been filed against Wilmington Surgical Associates after hackers breached the company’s computer systems and stole sensitive information of nearly 115,000 patients. By WECT Staff | February 10, 2021
SU data breach exposes nearly 10,000 names, Social Security numbers
The names and Social Security numbers of about 9,800 Syracuse University students, alumni and applicants have been exposed after someone gained unauthorized access to an employee’s email account. By Michael Sessa I February 10, 2021
|
Sincerely, Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827 |
.png)
Get Social