Category Archives: Cybersecurity
New Phishing Trick That Can Bypass Email URL Filters
There is a new Phishing trick that hackers have come up with, this trick is to make Office documents carrying malicious links undetectable by many email security services. They go about deleting the links from the document’s relationship file (xml.rels). This phishing trick has been seen by security professionals during email spam campaigns, these URL’s…
Users Affected by 19 Year Old WinRAR Flaw
WinRAR urges to update one of the worlds most popular compression software that had a flaw that 500 Million users in the past 19 years have been affected by and they finally released a patch for this flaw. What is the vulnerability? The UNACEv2.DLL vulnerability was discovered security researchers from Check Point Software and they…
Data Breach At UW Medicine
The data breach at SEATTLE’s UW Medicine exposed around 974,000 patient records. The files that web public did not contain anything too revealing, no medical or financial information or Social Security Numbers were available to be read. The content that was exposed were names, medical record numbers and descriptions. How did this happen? A public…
Have I Been Compromised Online?
So, your clicking around on the internet and come across news of compromised companies and now your wondering have I been compromised online? Are my usernames and passwords available online? Unfortunately, the answer to your question is your information is probably in the dark web up for grabs for anyone to take. Data breaches…
Trickbot can now obtain your remote access credentials
The Banking Trojan called Trickbot has an updated ability and can now harvest your username and passwords from remote access type applications. This would allow the hacker to remote into systems using the username and password obtained. TrendMicro Analysts stated “The malware arrives via an email disguised as a tax incentive notification from a major…
HIPAA Compliance Checklist
Are you looking for a HIPAA Compliance Checklist to self-evaluate your practice or organization? I have created an easy to read document that does just that. This HIPAA Compliance Checklist was built upon a previous post called: HIPAA Compliance Program Tips which spoke about The Seven Fundamental Elements of an Effective Compliance Program Implementing written…
Critical vulnerability in WordPress plugin Simple Social Buttons
There is a critical vulnerability in the WordPress plugin called Simple Social Buttons. The vulnerability can be used to enable a non-admin user to modify your WordPress installation and allow them to take over your website. So what is the issue here? The researchers with WebARX stated on Monday (2-11-19) that the vulnerability results from…
HIPAA COMPLIANCE PROGRAM TIPS
Here are the Fundamental and Practical Tips for achieving HIPAA compliance with your organization. The Seven Fundamental Elements of an Effective Compliance Program Implementing written policies, procedures and standards of conduct. Designating a compliance officer and compliance committee. Conducting effective training and education. Developing effective lines of communication. Conducting internal monitoring and auditing. Enforcing standards…
Slack has upcoming HIPAA Compliant Features
Slack has been working hard and now have some upcoming HIPAA Compliant Features in the works. So far their file upload service is the only feature that is HIPAA compliant. Let’s not shy away from the vendor just yet because after all they are NIST complaint and which plays a roll into HIPAA. Since…
Remote Desktop Protocol Has Plenty Code-Execution Flaws
Remote Desktop Protocol has plenty of code-execution flaws in both open-source RDP and Microsoft’s RDP client. This makes it possible for a malicious hackers to infect a client computer and then allow them to intrude into the IT network as a whole. What IS RDP? Remote Desktop Protocol (RDP) is a proprietary protocol developed by…