NIST and HIPAA: Is There a Password Connection?

When dealing with user data, it's essential that we design our password policies around compliance. These policies are defined both internally and externally. While companies uphold their own password standards, outside forces like HIPAA and NIST have a heavy influence. Impacts are defined by industry and one's unique infrastructure. How do IT departments maintain compliance … Continue reading NIST and HIPAA: Is There a Password Connection?

IcedID Banking Trojan Surges: The New Emotet?

A widespread email campaign using malicious Microsoft Excel attachments and Excel 4 macros is delivering IcedID at high volumes, suggesting it’s filling the Emotet void. The banking trojan known as IcedID appears to be taking the place of the recently disrupted Emotet trojan, according to researchers. IcedID (a.k.a. BokBot), bears similarities to Emotet in that … Continue reading IcedID Banking Trojan Surges: The New Emotet?

Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers

Cisco says it will not patch three small business router models and one VPN firewall device with critical vulnerabilities. Cisco Systems said it will not fix a critical vulnerability found in three of its SOHO router models. The bug, rated 9.8 in severity out of 10, could allow unauthenticated remote users to hijack targeted equipment … Continue reading Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers

Adware Spreads via Fake TikTok App, Laptop Offers

Cybercriminals are encouraging users to send the “offers” via WhatsApp to their friends as well. Malicious Android apps disguised as TikTok and offers for free Lenovo laptops are being used in ad-stuffing attacks underway against devices on the Jio telecom network in India, security researchers warn. Researchers from Zscaler report this threat actor has been … Continue reading Adware Spreads via Fake TikTok App, Laptop Offers

Nation-state cyber attacks could lead to cyber conflict

New HP-sponsored report finds significant increase in nation-states targeting enterprises to steal high-value IP. A new report from HP released Thursday, Nation States, Cyberconflict and the Web of Profit, found that nation-state cyber attacks are "moving us closer to a point of advanced cyber conflict." "Nation-state conflict doesn't take place in a vacuum; as evidenced … Continue reading Nation-state cyber attacks could lead to cyber conflict