City of Hope Phishing Attack Impacts 3,400 Patients
Aug14

City of Hope Phishing Attack Impacts 3,400 Patients

A recent City of Hope phishing attack has potentially resulted in the PHI of 3,400 patients being accessed by cybercriminals. City of Hope employees were sent phishing emails on May 31 and June 2, 2017. Four employees responded to the emails and disclosed their email credentials to the attackers. Four email accounts were accessed by the attackers. While the email accounts contained sensitive information, City of Hope officials do not...

Read More
2,789 Patients’ PHI Compromised in Phishing Attack
Aug02

2,789 Patients’ PHI Compromised in Phishing Attack

Kaleida Health has announced that a phishing attack has resulted in an email account being compromised, and along with it, the protected health information of 2,789 of its patients. Kaleida Health became aware of the incident on May 24, 2017, and called on a computer forensics firm to assess which patients have been affected and the extent to which its systems had been compromised. The firm determined the attack was limited to one...

Read More
Call Issued for Federal Agencies to Adopt DMARC to Prevent Phishing
Jul20

Call Issued for Federal Agencies to Adopt DMARC to Prevent Phishing

Over the past few months there have been several cases of criminals impersonating government departments in phishing campaigns, prompting Sen. Ron Wyden (D-OR) to write to the Department of Homeland Security calling for the use of DMARC to prevent phishing attacks using federal email domains. Phishers are gaining access to real domains used by federal agencies and are sending out phishing emails. The official domains add authenticity...

Read More
Google Makes It Harder to Install Malicious Apps
Jul18

Google Makes It Harder to Install Malicious Apps

In May, a phishing campaign took advantage of users of Google Docs. Emails were sent containing a link to Google Docs that appeared to be an invitation to collaborate on a document. The emails contained all the typical branding one would expect from a legitimate request. However, the request was not sent via Google Docs. It was sent via a third-party app that had been named Google Docs. Clicking the link to accept the request to...

Read More
PhishMe CEO Royht Belani Receives EY Entrepreneur of the Year Award
Jun20

PhishMe CEO Royht Belani Receives EY Entrepreneur of the Year Award

The winners of the 2017 EY Entrepreneur of the Year Awards for the Mid-Atlantic region have been announced, with PhishMe CEO and co-founder Royht Belani named as 2017 CEO of the Year for the Mid-Atlantic region in the security category. Each year, EY recognizes entrepreneurs that have gone the extra mile and have shown exceptional personal commitment to their business and communities and been inspirational leaders. EY first started...

Read More
Southern Oregon University Phishing Attack Results in Theft of $1.9 Million
Jun15

Southern Oregon University Phishing Attack Results in Theft of $1.9 Million

A Southern Oregon University phishing attack has resulted in the theft of $1.9 million from the university’s accounts – Arguably the worst phishing attack of the year to date. While the Southern Oregon University phishing attack stands out due to the amount of money obtained by the attackers, it is sadly just one of a large number of attacks that have affected U.S organizations this year. The scam is known as Business Email Compromise...

Read More
PhishMe Lands Prestigious 2017 SC Europe Award for its Anti-Phishing Solutions
Jun14

PhishMe Lands Prestigious 2017 SC Europe Award for its Anti-Phishing Solutions

Each year, SC Media hosts a prestigious awards ceremony where the best companies and information security products are recognized and celebrated. The SC Awards are widely regarded as some of the most prestigious awards for companies in the field of information security. Each company and product is scrutinized by two panels of judges which score the companies and products on a wide range of criteria. To be selected as a finalist in one...

Read More
Q2 Saw a 400% Increase in Phishing Attacks on Businesses
Jun13

Q2 Saw a 400% Increase in Phishing Attacks on Businesses

The threat from phishing has been growing steadily over the past few years, but a new report from Mimecast shows the threat is greater than ever before with more phishing attacks on businesses than any other time in history. The report shows there has been a 400% increase in phishing attacks on businesses in Q2, 2017. For the study, Mimecast analyzed the inbound emails of 44,000 business users. That analysis showed cybercriminals are...

Read More
Phishing Trends and Intelligence Report Published by PhishLabs
Jun12

Phishing Trends and Intelligence Report Published by PhishLabs

PhishLabs, a leading provider of phishing defense solutions, has published its Phishing Trends and Intelligence Report for Q1, 2017. The report shows that cybercriminals have changing tactics and targets in the first quarter of 2017, attacking different industries with different methods compared to the previous quarter. PhishLabs CEO Tony Price said, “The first quarter of 2017 shows just how quickly the phishing threat landscape...

Read More
PhishMe Offers Assistance with GDPR Compliance
Jun10

PhishMe Offers Assistance with GDPR Compliance

The General Data Protection Regulation (GDPR) will be written into EU law next year, although companies need to start their GDPR compliance programs now if they are to ensure they are fully compliant before the May 25, 2018 deadline. Any company that is discovered not to be in compliance with the new regulation after that date faces a stiff financial penalty. The maximum fine for non-compliance with GDPR is $20 million Euros or 4% of...

Read More
Farm Bureau Bank Chooses Agari to Protect Against Phishing Attacks
Jun08

Farm Bureau Bank Chooses Agari to Protect Against Phishing Attacks

San Antonio, TX-based Farm Bureau Bank has signed up with Agari and is now using the company’s Email Trust Platform™ to protect its customers and employees from phishing attacks. The Agari Customer Protect™ solution has been adopted to protect customers from phishing attacks that abuse its brand, while employees are protected from business email compromise and spear phishing attacks by the Agari Enterprise Protect™ solution. In...

Read More
New Ironscales Report Delves into Current Phishing Trends
May30

New Ironscales Report Delves into Current Phishing Trends

Ironscales, a leading vendor of anti-phishing solutions, has published a new report on the latest phishing trends. The report shows how phishing tactics have changed, the effectiveness of phishing campaigns and how traditional anti-spam technologies are failing to block spear phishing attacks. The report – titled ‘How Modern Email Phishing Attacks Have Organizations on the Hook’ – was the result of a study of 8,500 verified...

Read More
Purple Increases Security Following Recent Ransomware Attacks
May25

Purple Increases Security Following Recent Ransomware Attacks

The global WiFi analytics and WiFi marketing service provider Purple has taken the decision to improve security for its customers with a new WiFi content filtering service. The decision to improve security was taken at an appropriate time. The recent WannaCry attacks, which affected more than 300,000 computers around the world, shows just how important it is for WiFi companies to take steps to improve security to protect their...

Read More
Healthcare Data Breach Reporting Improves; IT Security Incidents Rise
May23

Healthcare Data Breach Reporting Improves; IT Security Incidents Rise

The monthly Breach Barometer Report from Protenus shows healthcare data breach reporting is improving, data breaches are down, and there was a significant reduction in healthcare data breach victims in April, 2017. The Health Insurance Portability and Accountability Act (HIPAA) places a time limit on reporting healthcare data breaches to the HHS’ Office for Civil Rights (OCR) and sending breach notifications to patients. That time...

Read More
KnowBe4 CEO Stu Sjouwerman Finalist in 2017 EY Entrepreneur of the Year Awards
May04

KnowBe4 CEO Stu Sjouwerman Finalist in 2017 EY Entrepreneur of the Year Awards

KnowBe4 CEO Stu Sjouwerman has been selected as a finalist for the 2017 EY Entrepreneur of the Year Awards. KnowBe4 is a leading provider of anti-phishing solutions that concentrate on the human element of security. KnowBe4’s products help to train end users about the threat from phishing, social engineering, CEO fraud and malware and ransomware attacks. The 2017 EY Entrepreneur of the Year Awards are now in their 31st year. The...

Read More
Weak Password Test Tool Released by KnowBe4
May03

Weak Password Test Tool Released by KnowBe4

Anti-phishing solution provider KnowBe4 has released a weak password test tool that can be used by organizations to assess threats related to the use of weak passwords. Weak passwords are often cited as one of the main ways cybercriminals gain access to business networks. Weak passwords can be easily guessed and provide little resistance to brute force attacks. A recent study conducted by Verizon showed that 81% of hacking related...

Read More
PhishMe CEO Rohyt Belani Announced as Finalist in EY Entrepreneur of the Year Awards
Apr26

PhishMe CEO Rohyt Belani Announced as Finalist in EY Entrepreneur of the Year Awards

Rohyt Belani, CEO and co-founder of PhishMe, the leading provider of anti-phishing solutions for enterprises, has been named as a finalist for Entrepreneur of the Year (mid-Atlantic) at the annual EY awards. This is the second year in a row that Belani has been recognized at the annual award ceremony. This is the 31st year of the EY Awards program, which recognize the excellence of entrepreneurs for innovation, commitment to the...

Read More
Webroot Antivirus Update Problems Mount: Servers, PCs and Apps Crippled
Apr25

Webroot Antivirus Update Problems Mount: Servers, PCs and Apps Crippled

Webroot antivirus update problems are mounting with many thousands of the company’s customers experiencing severe issues after installing an April 24 update. Customers who had their computers running between 7PM and 9PM UTC on April 24 and had their AV set to update automatically had the update applied. While the update should have simply loaded the latest malware signatures, hundreds of critical files were accidentally marked as...

Read More
Security Management Process HIPAA Violations Resolved with $400,000 OCR Settlement
Apr13

Security Management Process HIPAA Violations Resolved with $400,000 OCR Settlement

Yesterday, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced that a $400,000 settlement had been agreed with Metro Community Provider Network (MCPN) to resolve potential security management process HIPAA violations. The Denver, CO-based federally-qualified health center (FQHC) experienced a phishing attack in December 2011 that resulted in unauthorized access to the email accounts of employees. The...

Read More
Philadelphia Ransomware Used in Targeted Attacks on US Hospitals
Apr11

Philadelphia Ransomware Used in Targeted Attacks on US Hospitals

Cybercriminals are conducting targeted attacks on U.S. healthcare organizations using Philadelphia ransomware; a relatively new ransomware variant developed from Stampedo ransomware. Philadelphia ransomware was first seen in September 2016, although recently, a new campaign has been detected that has already seen two U.S hospitals have sensitive files encrypted. The actors behind the latest attacks are targeting physicians using spear...

Read More
Forrester Research Study Shows PhishMe Phishing Solution Gives 336% ROI
Apr06

Forrester Research Study Shows PhishMe Phishing Solution Gives 336% ROI

Many businesses have had no alternative but to improve cybersecurity defenses to deal with the increased threat of cyberattacks. With attacks coming from all angles and a large attack surface to defend, organizations need to purchase multiple products to keep their networks and data well defended. It is therefore important to ensure money diverted to cybersecurity is well spent. Organizations need to ensure they get the best possible...

Read More
Ironscales Announces New Partnership with Check Point to Improve Detection and Remediation of Email Security Threats
Mar28

Ironscales Announces New Partnership with Check Point to Improve Detection and Remediation of Email Security Threats

Ironscales has announced it has partnered with Check Point Software Technologies Ltd and will be integrating its innovative IronTraps™ anti-phishing solution with Check Points’ Sand Blast Zero-Day Protection – a threat emulation solution that tests suspicious email attachments in a safe and secure sandbox. At present, Ironscales is the only company to offer an anti-phishing solution that combines human intelligence with machine...

Read More
Cybersecurity Tips for Healthcare Providers Offered by WEDI
Mar24

Cybersecurity Tips for Healthcare Providers Offered by WEDI

The Workgroup for Electronic Data Interchange (WEDI) has published a white paper offering cybersecurity tips for healthcare providers to help them ensure the sensitive protected health information of patients remains confidential and resilience against healthcare cyberattacks is improved. The white paper – The Rampant Growth of Cybercrime – explains the scale of the current problem. The healthcare industry has been extensively...

Read More
Perry Carpenter Appointed as KnowBe4’s Chief Evangelist and Strategy Officer
Mar22

Perry Carpenter Appointed as KnowBe4’s Chief Evangelist and Strategy Officer

KnowBe4 has appointed Perry Carpenter as its new Chief Evangelist and Strategy Officer. Carpenter’s role will be to help guide innovation and oversee the continued evolution of KnowBe4’s range of phishing defense solutions that target the human element of security. KnowBe4 has developed a ‘new school’ approach to security awareness training, being aware that simply providing training to end users is no longer sufficient to protect...

Read More
Expanded Awareness Video Campaigns to be Showcased by Wombat Security at the SXSW Conference
Mar10

Expanded Awareness Video Campaigns to be Showcased by Wombat Security at the SXSW Conference

Wombat Security Technologies will be showcasing a new addition to its Awareness Video Campaigns at this month’s South by Southwest (SXSW) Conference. The Awareness Video Campaigns are a new addition to the Security Awareness Materials produced by Wombat, the purpose of which is to remind employees of the need to be security aware and how simple changes to behavior can have a major impact on their organizations. Cybersecurity concepts...

Read More
Wombat Security Included in Gartner 2016 Magic Quadrant for Security Awareness Computer-Based Training
Mar10

Wombat Security Included in Gartner 2016 Magic Quadrant for Security Awareness Computer-Based Training

Gartner Inc., has included Wombat Security Technologies in its 2016 Magic Quadrant for Security Awareness Computer-Based Training. This is the third consecutive year than the cyber security awareness training provider has been included in the Magic Quadrant. Gartner rates companies on two main criteria: The ability to execute and completeness of vision. Each vendor is assessed and given a score in each area. Based on the score for...

Read More
Guidance on Cyber Threats Issued to Healthcare Organizations by OCR
Mar08

Guidance on Cyber Threats Issued to Healthcare Organizations by OCR

The U.S. Department of Health and Human Services’ Office of Civil Rights has issued new guidance on cyber threats, advising HIPAA-covered entities to obtain the latest intelligence on new cyber threats that could potentially allow cybercriminals to gain access to the protected health information of patients and health plan members. Threat intelligence is issued by many organizations, although OCR recommends in its guidance on cyber...

Read More
Agari Wins Security PG 2017 Global Excellence Award for Best Security Software
Mar03

Agari Wins Security PG 2017 Global Excellence Award for Best Security Software

The cybersecurity firm Agari has been crowed winner of the Best Security Software category at this year’s Security Product Guide 2017 Global Excellence Awards. The Security Products Guide is used by decision makers to determine the best IT security products to deploy to protect digital assets. The reviews in the guide are invaluable for helping narrow down products to those that are best suited for each individual organization. The...

Read More
Largest Healthcare W-2 Phishing Scam of 2017: 17,000 Employees Impacted
Feb23

Largest Healthcare W-2 Phishing Scam of 2017: 17,000 Employees Impacted

The largest healthcare W-2 phishing scam of the year to date has recently been reported by American Senior Communities of Indiana. While many organizations have already reported being fooled by phishing emails this tax season, this was the largest healthcare W-2 phishing scam by some distance, impacting more than 17,000 of the organization’s employees. This year has already seen 74 organizations scammed, and that number is certain to...

Read More
Ironscales Wins Best Messaging Security Solution Award
Feb15

Ironscales Wins Best Messaging Security Solution Award

Cyber Defense Magazine has announced the winners of its 2017 Awards, with Ironscales winning an Editor’s Choice Award in the Best Messaging Security Solution category for its automated phishing defense platform IronTraps™. The Cyber Defense Magazine Awards are decided by a panel of independent information security experts, with nominated products assessed on a wide range of criteria over a period on months. The prestigious awards...

Read More