Satyendra Singh Hackers are always finding ways to circumvent security and abuse the programs companies rely on to function in the Internet age to gain access to sensitive information. Frequently, the tools we use are the sources of vulnerabilities in a system. This does not mean we should abandon the tools, nor does it mean [...]
20 May 2013
The U.S. Department of Health and Human Services is investigating allegations that proprietary information from Monroeville’s 911 dispatch center was released in violation of federal privacy law. An August 2012 complaint to the department’s Office for Civil Rights alleged the municipality’s emergency management service provided health information protected under the federal Health Insurance Portability and [...]
17 May 2013
Overview In the past four years there have been several major cyber attacks against South Korea. We have identified a particular back door (Backdoor.Prioxer) that surfaced during the 2011 attacks. A modified version of this back door was also discovered during the 2013 attacks. The back door is based on publicly available code, but there [...]
16 May 2013
Satyendra Singh Cross-platform vulnerabilities are becoming the tool of choice for malware creators and hackers. These malicious attackers seek out programs and functions that are widely used, spread across at least the three major platforms, and provide some method of gaining control over or access to the target’s computer. A few programs have shown themselves [...]
15 May 2013
Complying with the HIPAA Omnibus Rule requires careful planning, says John Pritchard, information security manager at St. Charles Health System in Oregon. That’s why he helped formed a task force to lead the effort. “We’re going to look at individual things that are published within the final rule and figure out how we’re going to respond to [...]
14 May 2013
Satyendra Singh With the plethora of information security options that are available, it can be difficult to determine what services your system needs. More complicated configurations beyond a simple LAN can provide other considerations. Most people with a basic grasp of how the Internet works understand that a firewall is necessary to protect your electronics, [...]
13 May 2013
Our phones have been ringing off the hook the past few weeks (which is a good thing!) and we anticipate that this will continue as customers, prospects and partners work to get their arms around the new U.S. Department of Health and Human Services (HHS) Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule that [...]
10 May 2013
The University of Mississippi Medical Center (UMMC) is notifying patients who visited UMMC between 2008 and January 2013 that their health information may have been stored on a laptop computer that’s “missing.” Apparently, the device was not protected with laptop encryption like AlertBoot, which may have been a result of the laptop being “a shared device, used [...]
09 May 2013
Satyendra Singh The broad and interwoven network that our technology utilizes encourages divergent systems to find ways to work together. One of the most effective ways of doing this comes from Java applications. Unfortunately, Java’s ability to disseminate applications across a larger number of systems has made it a prime target for malicious users who [...]
08 May 2013
At the RSA USA 2013 Conference I overheard an attendee remark that threat intelligence was “the latest fad in the security industry.” The person further commented that security fundamentals were, and always will be, the only thing that really matters. I can’t disagree that the fundamentals of security are as important as ever to an [...]
