U.S. intelligence agencies, including the FBI, the Office of the Director of National Intelligence, the National Security Agency and the Cybersecurity and Infrastructure Security Agency, have confirmed that Russia was behind the SolarWinds hack. It is reported that the FBI is investigating whether Russia hacked into project management software JetBrains’ TeamCity DevOps tool to originally

The Department of Homeland Security (DHS) cybersecurity advisory arm issued a warning on its website that “[M]alicious cyber actors are targeting unpatched systems” with a new exploit code that on unpatched systems could spread to millions of computers.

The exploit code, called SMBGhost, attacks a security vulnerability in the server message block (SMB) that Microsoft

On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of vulnerabilities while hospitals are focused on responding to the crisis.

According to Microsoft “[D]uring this time of crisis, as

Microsoft announced this week that it would extend the consumer rights currently given to California consumers through the California Consumer Privacy Act to all consumers—no matter where they reside.

I applaud this move (especially because I don’t reside in CA). But why should my personal information be protected differently than those who live in California?

Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware that affected hundreds of thousands of machines in 2017.

According to the report, 40 percent of Artemis’ health care clients

The bane of data security is the patch. The patch is what your IT guys are doing in the background to fix vulnerabilities in software that are known to the manufacturers, and to attempt to fix the vulnerability before hackers can exploit it.

Patching is a very important part of a security plan, but the

Security researchers at Radboud University in the Netherlands have discovered a flaw in several manufacturers’ solid state hard drive firmware that can be exploited to read data from self-encrypting drives (SED). The researchers published their findings in a paper on November 5th. The authors identified several methods they were able to use to bypass hardware

Many companies are migrating their email systems to Microsoft Office 365 (O365). The majority of security incidents in which we have been engaged in over the past six months involve a hacker successfully phishing an employee of the company (most of the time someone who is an executive in the company) and then spoofing the