Tag Archives: US-CERT

Office of the National Coordinator Issues Guidance After NotPetya Attack

Following the most recent ransomware attack, known as NotPetya, (among other nicknames), many health care entities were victims of the ransomware, which prompted the Office of the National Coordinator (ONC) to issue guidance to assist health care entities in the aftermath. In two separate warnings/updates, ONC provides guidance to health care entities on what to … Continue Reading

Take-Aways from WannaCry

We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks will only get more sophisticated. It is being estimated that the cost associated … Continue Reading

OCR Urges Covered Entities and Business Associates to Use HTTPS

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the vulnerability can be introduced by the use of products that inspect HTTPS traffic. These products are used to detect malware or unsafe connections, which … Continue Reading

Privacy Tip #29 – U.S. + Canada issue joint ransomware special alert—read and follow recommendations

We have frequently alerted individuals and companies about the increasing risk and success posed by sophisticated phishing schemes. It has become such a real and grave problem that the U.S. Computer Emergency Readiness Team of the Department of Homeland Security (US-CERT) has teamed up with the Canadian Cyber Incident Response Centre to issue a joint … Continue Reading

FDIC cybersecurity framework features four areas critical to bank security

Long gone are the days when a financial institution’s primary security concern was protecting cash in the bank vault, the Federal Deposit Insurance Corporation (FDIC) acknowledges in its recent article, “A Framework for Cybersecurity,” released February 1, 2016. Instead, the framework asserts that cyber-attacks now represent “one of the most critical challenges facing the financial … Continue Reading
LexBlog