‘Accountability framework’ proposed to promote secure health care practices
The CyberPeace Institute’s methodology holds promise, but it must further differentiate itself and overcome enforcement challenges.
About SC Media
Most recent articles by Bradley Barth
Camera tricks: Privacy concerns raised after massive surveillance cam breach
A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada. Now experts are weighing in on the potential ramifications that can befall an organization if security footage is leaked or falls into the wrong hands.
Ransomware, supply chain attacks compel health care organizations to act
If ransomware and data exfiltration attacks that targeted hospitals and vaccine researchers during the pandemic signaled a cyber hygiene crisis in health care, the SolarWinds supply chain attack demonstrated just how deep the problem goes.
How auto-scanning and scripting helped Exchange attackers rack up victims
The lesson here: malicious actors continue to leverage the combination of automated scanners and scripts to strategically rack up high victim counts, especially when they sense time to inflict damage before patching is running out.
‘Educational’ ransomware program may instead become a how-to guide for attackers
The program is designed to be an educational tool for testing anti-virus protections; however, it’s possible that cybercriminals could adopt and modify the code in order to launch their own attacks.
Scammers impersonate execs to target big payout of investor dollars
Current tactics, which seek payouts that are multiple times larger than the average email impersonation scheme, are not terribly sophisticated. But if perfected, the approach could pose a serious threat to the financial investment and privacy equity community.
Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data
The incident is another example of why businesses must assess and manage third-party vendor risk.
SolarWinds blaming intern for leaked password is symptom of ‘security failures’
Infosec thought leaders say that blaming an intern ignores the true roots of the problem, including insufficient credentials policies and access management practices.
Cloud-based dev teams: shift security left to avoid being the next SolarWinds
“The entire way we perform security in a development environment needs to be rethought.”
New data could help CISOs quantify the value of a strong security culture
Companies with a good security culture are 52x less likely to practice risky credential sharing than orgs with a poor security culture.
Next post in Phishing
