Andrew Blake reports: Embassies in Europe have wound up on the receiving end of an ongoing hacking campaign with roots in Russia, a multinational cybersecurity firm warned Monday. Researchers at Check Point reported becoming aware of a weaponized spreadsheet being emailed to targets described as “government finance authorities and representatives in several embassies in Europe.”…
Google Moves Developers to OAuth to Help Prevent Phishing Attacks
Dennis Fisher reports: In an effort to cut off an avenue used in some phishing attacks, Google is planning to block authentication attempts from some apps that use embedded browser frameworks in the near future. The change is part of a broader initiative by the company to get a better handle on when and how…
In: Files feared stolen from GST Intel records room
Wow. As far as a physical security FAIL goes, this is a contender. The Ahmedabad Mirror reports: Officials of the Directorate General of GST Intelligence (DGGI) in Gujarat on Sunday lodged a complaint of theft of record files from their storage unit in Ahmedabad. The DGGI storage unit is housed in an old and decrepit…
FL: Stuart’s city hall ransomware attack “more than likely” caused by phishing email scam
Melissa E. Holsman reports: The city is still recovering from an April 13 ransomware virus attack that most likely came from a phishing email scam on an employee’s desktop computer, the city manager said Monday. A computer virus dubbed Ryuk attacked the city’s servers in a ransomware demand that City Manager David Dyess said forced…
So how’s April so far?
Quick note: I haven’t been posting all the health data breaches or incidents I have already found this month, as in some cases, I’m waiting for responses from entities to my questions. But I am compiling the incidents in my worksheet that I provide to Protenus, Inc. for their analyses and freely available reports. Yesterday,…
The Lack of an Adequate HIPAA Security Risk Assessment is a Common and Costly Mistake by Healthcare Providers: What Providers Can Do Now
Erin Smith Aebel of Shumaker, Loop & Kendrick, LLP writes: Health care providers and others who must comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have specific requirements under the Security Rule to HIPAA when it comes to their maintenance of electronically held protected health information. One of those requirements is…