Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Top Posts
ObliqueRAT Trojan Lurks On Compromised Websites – Experts...
Microsoft Multiple 0-Day Attack – Tenable Comment
Experts Reaction On Malaysia Airlines 9 Years Old...
IoT Security In The Spotlight, As Research Highlights...
Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber...
Expert Reaction On Solarwinds Blames Intern For Weak...
Expert Reaction On Go Is Becoming The Language...
Three Reasons The Security Industry Is Protecting The...
Experts On Google Voice Outage
Preparing For Tomorrow – Why Weathering The Initial...
Information Security Buzz
Connecting Security Experts
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Expert(s): November 30, 2020
Justin Heard
Director of the Security Intelligence and Analyticsfeature_status*/ ?>
Nuspire

Comments Dotted : 2
September 29, 2020

Experts Reacted On Universal Healthcare Services Cyber Attack

The ransomware operators likely saw UHS as the opportunity to make a quick buck given the urgency to keep operations going.
The use of Ryuk Ransomware in the Universal Health Services attack is an interesting pivot for the ransomware operators. Up until recently, Ryuk was used solely to target financial services, but over the last several months Ryuk has been seen targeting manufacturing, oil and gas, and now healthcare. Ryuk is known to target large organizations across industries because it demands a very high ransom. The ransomware operators likely saw UHS as the opportunity to make a quick buck given the urgency .....Read More
The use of Ryuk Ransomware in the Universal Health Services attack is an interesting pivot for the ransomware operators. Up until recently, Ryuk was used solely to target financial services, but over the last several months Ryuk has been seen targeting manufacturing, oil and gas, and now healthcare. Ryuk is known to target large organizations across industries because it demands a very high ransom. The ransomware operators likely saw UHS as the opportunity to make a quick buck given the urgency to keep operations going, and the monetary loss associated with that downtime could outweigh the ransom demand. Ryuk Ransomware is run by a group called Wizard Spider, which is known as the Russia-based operator of the TrickBot banking malware. Ryuk is one of the most evasive ransomware out there. Nuspire Intelligence has repeatedly seen the triple threat combo of Ryuk, TrickBot and Emotet to wreak the most damage to a network and harvest the most amount of data.  Read Less
Like(1)  (0)

Linkedin Message

@Justin Heard, Director of the Security Intelligence and Analytics, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The ransomware operators likely saw UHS as the opportunity to make a quick buck given the urgency to keep operations going...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-united-healthcare-services-cyber-attack

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Justin Heard, Director of the Security Intelligence and Analytics, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The ransomware operators likely saw UHS as the opportunity to make a quick buck given the urgency to keep operations going...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-united-healthcare-services-cyber-attack

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
July 29, 2020

Experts warn of vetting third-part partners in light of Promo.com Breach

The Promo breach serves as a reminder of the importance of vetting your third-party partners.
Your attack surface is a lot bigger than you think. The Promo breach serves as a reminder of the importance of vetting your third-party partners. If your third-party partners don’t have equal or greater security standards, they are a security risk. As your organization grows and scales, so does your list of third-party vendors, so it is in every organization’s best interest to always vet the security of their vendors. The overarching issue with third-party security is accountability......Read More
Your attack surface is a lot bigger than you think. The Promo breach serves as a reminder of the importance of vetting your third-party partners. If your third-party partners don’t have equal or greater security standards, they are a security risk. As your organization grows and scales, so does your list of third-party vendors, so it is in every organization’s best interest to always vet the security of their vendors. The overarching issue with third-party security is accountability. If your organization collects customer data or has privileged access, it is your responsibility to keep that data protected and fines should be issued if an organization fails to do so. If your organization has access to customer data, I recommend employing a layered approach to security, which requires advanced antivirus detection over legacy tools and educating your staff on what they can do to prevent security incidents.  Read Less
Like(0)  (0)

Linkedin Message

@Justin Heard, Director of the Security Intelligence and Analytics, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The Promo breach serves as a reminder of the importance of vetting your third-party partners...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-warn-of-vetting-third-part-partners-in-light-og-promo-com-breach

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Justin Heard, Director of the Security Intelligence and Analytics, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The Promo breach serves as a reminder of the importance of vetting your third-party partners...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-warn-of-vetting-third-part-partners-in-light-og-promo-com-breach

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Saryu Nayyar, CEO, Gurucul

"The evolution of the ObliqueRAT trojan is a good example of how malicious actors are constantly updating their tools and techniques. "

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

James McQuiggan, Security Awareness Advocate, KnowBe4

"It is essential to conduct red team or pen testing exercises. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Nikos Mantas, Incident Response Expert, Obrela Security Industries

"Data security should be a priority for all organisations today. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

David Sygula, Senior Cybersecurity Analyst , CybelAngel

"Organisations must constantly scan for leaked documents outside the enterprise perimeter. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Satnam Narang, Senior Research Engineer, Tenable

"We expect other threat actors to begin leveraging these vulnerabilities in the coming days and weeks. "

Microsoft Multiple 0-Day Attack – Tenable Comment

Sam Curry, Chief Security Officer, Cybereason

"Total transparency is needed and they need to hone in on more specific details and be completely transparent with Enrich members. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Florian Thurmann, Technical Director, EMEA , Synopsys Software Integrity Group

"Your organisation won’t be able to determine which of their employees has made a given change in the system. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Alan Grau, VP of IoT , Sectigo

"Best-practices for IoT device security include strong authentication and secure software updates. "

IoT Security In The Spotlight, As Research Highlights Alexa Security Flaws

Jake Moore, Cybersecurity Specialist, ESET

"Sensitive data such as this leaked into dark web forums can have damaging consequences. "

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic

"Password hygiene should be part of employee training and cyber awareness training. "

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Natalie Page, Cyber Threat Intelligence Analyst, Sy4 Security

"Currently Golang produce’s a much lower detection rate against security software. "

Expert Reaction On Go Is Becoming The Language Of Choice For Criminals To Design Malware

Chris Hickman, Chief Security Officer, Keyfactor

"A certificate expiration on its own is not necessarily a security response incident. "

Experts On Google Voice Outage

Adam Enterkin, SVP, EMEA, BlackBerry

"Even the best cybersecurity teams have had major challenges this last year. "

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Jamie Akhtar, CEO and Co-founder, CyberSmart

"Universities are home to some of the world’s most cutting-edge research. "

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab Studying Covid-19

Jake Moore, Cybersecurity Specialist, ESET

"Honourable criminal hacking is still illegal and comes with some of the same intentions of standard unethical hacking. "

Expert Reaction On Private Data Leaked From Far-right Platform Gab

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

ISB CONFERENCE

ISB Conference 2021

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel