A waterfall of looming cyber checklists from Managed Service Provider customers are becoming increasingly common. New regulations, laws, guidelines, and standards of compliance are driving them. However, the expertise required in areas of risk and privacy are creating operational headaches and creating unnecessary risk when techs consult in areas that are better handled by risk managers and legal teams. We will discuss how the National Institute of Standards and Technology multiple frameworks in privacy and cybersecurity offer relief of risk especially when techs are asked by key accounts about legal compliance and why partnering with a Governance as a Service Provider like Omnistruct works for all involved.
Late last December we started getting a distress call from our forum patrons. Patrons were experiencing ads that were opening via their default browser out of nowhere. The odd part is none of them had recently installed any apps, and the apps they had installed came from the Google Play store. Then one patron, who goes by username Anon00, discovered that it was coming from a long-time installed app, Barcode Scanner. An app that has 10,000,000+ installs from Google Play! We quickly added the detection, and Google quickly removed the app from its store. By Nathan Collier I February 5, 2021
Identity thieves were busier than ever as the pandemic erupted nationwide last year, with reports of identity theft in the U.S. skyrocketing to nearly 1.4 million in 2020, more than double the number a year earlier. By Katherine Skiba I February 5, 2021
Microsoft warns customers not to let their guard down even after hundreds of Emotet botnet servers were taken down in late January 2021. By Sergiu Gatlan I February 8, 2021
Starting this summer, the National Institute of Standards and Technology will begin to automate delivery of revisions to Special Publication 800-53. By Troy K. Schneider I February 08, 2021
In the wake of the SolarWinds Orion hack, the National Institute of Standards and Technology has published recommendations for enhanced security requirements that can help organizations protect controlled unclassified information (CUI) against nation-state backed threats. By Justin Katz I February 08, 2021
Previously known as NIST SP 800-171B with drafts released in June 2019 and July 2020, the final version of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-172 arrived in February 2021. By SecureStrux I February 10, 2021
In the wake of the SolarWinds Orion hack, the National Institute of Standards and Technology has published recommendations for enhanced security requirements that can help organizations protect controlled unclassified information (CUI) against nation-state backed threats. By Justin Katz I February 08, 2021
Cybercrime doesn't just impact large businesses and unsuspecting individuals. Forty-three percent of all cybercrimes target small businesses because many entrepreneurs overlook the importance of cybersecurity. It's imperative that you protect your business from cybercrime, and one of the easiest ways to do it is to start using a VPN. By Entrepreneur Store I February 8, 2021
Cyberthreats evolve constantly, but one rule endures: hackers will never break down your front door if they can get in through an open window. Most retailers are keenly aware that the credit card and customer data on their networks is a prime target for hackers, and so they barricade access points to their websites and ecommerce systems to ward off intrusion. By Ara Aslanian I February 4, 2021
Packaging giant WestRock revealed this week that the recent ransomware attack impacted the company’s IT and operational technology (OT) systems. By Pierluigi Paganini I February 6, 2021
Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. By Ravie Lakshmanan I February 6, 2021
The Ziggy ransomware gang has shut down its operations and released the decryption keys fearing the ongoing investigation of law enforcement. By Pierluigi Paganini I February 8, 2021
An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution. By Eduard Kovacs I February 09, 2021
CD Projekt Red has released a hotfix for Cyberpunk 2077 to fix a remote code execution vulnerability that could be exploited by third-party data file modifications and save games files. By Lawrence Abrams I February 8, 2021
Discovered in early 2020, the Zeoticus ransomware has moved into 2021 with new upgrades focused on speed and efficiency. SentinelOne researchers released a detailed report and technical analysis of the latest version - Zeoticus 2.0. By Cyware I February 11, 2021
The chipmaker’s Patch Tuesday updates for February 2021 were described in 19 advisories, including four that cover high-severity vulnerabilities. By Eduard Kovacs I February 10, 2021
The House Armed Services Committee has formed a new cybersecurity-focused subcommittee to oversee the Department of Defense’s use of cyber, emerging technology and information systems. By D. Howard Kass I February 8, 2021
How the Cybersecurity Infrastructure and Security Agency (CISA), the nation’s cyber central, will deconstruct the swarm of disinformation buzzing federal elections is front and center on the agency’s to-do list, Acting Director Brandon Wales said. By D. Howard Kass I February 8, 2021
Tenable has announced plans to acquire Microsoft Active Directory (AD) security provider Alsid for $98 million in cash. Furthermore, Alsid founders Emmanuel Gras and Luc Delsalle will join Tenable in senior leadership roles focused on the development of AD security solutions. By Dan Kobialka I February 10, 2021
Patients and employees from 11 hospitals in the US have had their personal information exposed after hackers reportedly published tens of thousands of records online. By Phil Muncaster I February 8, 2021
The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. By Pierluigi Paganini I February 7, 2021
A cyber-attack on a Pennsylvania law firm has potentially exposed the personal health information (PHI) of more than 36,000 patients of University of Pittsburgh Medical Center (UPMC). By Sarah Coble I February 8, 2021
Video game company CD Projekt says a cyberattack exposed some of its data, and the intruders left a ransom note claiming they accessed the source code for “Cyberpunk 2077” and other games. By Joe Warminsky I February 9, 2021
Spammers have inundated the Python Package Index (PyPI) portal and the GitLab source code hosting website with garbage content, flooding both with ads for shady sites and services. By Catalin Cimpanu I Zero Day | February 9, 2021
A lawsuit has been filed against Wilmington Surgical Associates after hackers breached the company’s computer systems and stole sensitive information of nearly 115,000 patients. By WECT Staff | February 10, 2021
The names and Social Security numbers of about 9,800 Syracuse University students, alumni and applicants have been exposed after someone gained unauthorized access to an employee’s email account. By Michael Sessa I February 10, 2021
Sincerely, Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827 |