Tag: security

Loyalty Programs: Hot Target for Cyber Criminals

Loyalty Programs: Hot Target for Cyber Criminals

General
Loyalty Programs: Hot Target for Cyber Criminals Cyber criminals are continually looking for new targets. In recent years, loyalty programs have become the hot target for cyber attackers. One of the least highlighted aspects of recent data breaches is how loyalty programs compromised organizations’ network security. In late November, this year, Marriottdisclosed that out of the 500 million guests affected by a 4-year long data breach, account information of 327 million guests relating to the company’s Starwood Preferred Guest (“SPG”) had been accessed by an unauthorized party. SPG is the loyalty program of Starwood Hotels & Resorts Worldwide – the hotel chain acquired by Marriott in September 2016. Early this year, Marriott completed the integration of the two companies’ loyalty programs. It’s too early to tell what would become of…
Read More
Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link

Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link

Information Security
Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link The revelation that the server used by attackers as a passageway in Singapore’s biggest cyberattack hadn’t been updated for more than a year shows how a failure to update a server can be your organization’s weakest link. The circumstances surrounding the failure to update the server used by attackers in ultimately reaching Singapore Health Services (SingHealth)'s critical system were revealed during the recent hearing conducted by the Committee of Inquiry (COI), the body tasked to investigate Singapore’s biggest cyberattack, the SingHealth cyberattack. Last July 20, Singapore’s Ministry of Communications and Information and Ministry of Health issued a joint statementdisclosing that attackers stole non-medical related personally identifiable information of more than 1.5 million patients who visited SingHealth’s outpatient clinics…
Read More
Mind the Air Gap: Pros and Cons of Network Separation

Mind the Air Gap: Pros and Cons of Network Separation

Information Security
Mind the Air Gap: Pros and Cons of Network Separation The Singaporean Government recently completed the task of disconnecting staff computers at public healthcare facilities from the internet. Disconnecting the staff computers from the internet, also known as internet surfing separation, network separation or air-gapping, is aimed at preventing cyberattacks, Singapore's Deputy Prime Minister Teo Chee Heansaid at an engineering conference. The announcement of air-gapping or network separation at the public healthcare facilities in Singapore came on the heels of a major cyberattack at the Singapore Health Services (SingHealth), the country’s largest group of healthcare institutions. Singapore’s Ministry of Health, in a statement, said, non-medical personally identifiable information of more than 1.5 million patients who visited SingHealth’s outpatient clinics and polyclinics from May 1, 2015 to July 4, 2018 were…
Read More
WannaCry Still a Threat to Businesses

WannaCry Still a Threat to Businesses

Information Security, Security
WannaCry Still Threatening Businesses U.S. aircraft maker Boeing is the latest company hit by the infamous WannaCry malicious software (malware). Early in the day of March 28, 2018, Mike VanderWel, chief engineer at Boeing Commercial Airplane Production Engineering, sent out a memo informing his colleagues about the WannaCry cyberattack at the company’s North Charleston, South Carolina production plant, The Seattle Timesreported. VanderWel wrote that the cyberattack was “metastasizing” or spreading out of the company’s North Charleston production plant and could potentially “spread to airplane software”. By evening of March 28th, the company was calling for calm. “We’ve done a final assessment,” Linda Mills, head of communications for Boeing Commercial Airplanes, said in a statement. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption…
Read More

Tag: security

Loyalty Programs: Hot Target for Cyber Criminals

Loyalty Programs: Hot Target for Cyber Criminals

General
Loyalty Programs: Hot Target for Cyber Criminals Cyber criminals are continually looking for new targets. In recent years, loyalty programs have become the hot target for cyber attackers. One of the least highlighted aspects of recent data breaches is how loyalty programs compromised organizations’ network security. In late November, this year, Marriottdisclosed that out of the 500 million guests affected by a 4-year long data breach, account information of 327 million guests relating to the company’s Starwood Preferred Guest (“SPG”) had been accessed by an unauthorized party. SPG is the loyalty program of Starwood Hotels & Resorts Worldwide – the hotel chain acquired by Marriott in September 2016. Early this year, Marriott completed the integration of the two companies’ loyalty programs. It’s too early to tell what would become of…
Read More
Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link

Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link

Information Security
Servers Left Running Without Security Updates Can be Your Organization’s Weakest Link The revelation that the server used by attackers as a passageway in Singapore’s biggest cyberattack hadn’t been updated for more than a year shows how a failure to update a server can be your organization’s weakest link. The circumstances surrounding the failure to update the server used by attackers in ultimately reaching Singapore Health Services (SingHealth)'s critical system were revealed during the recent hearing conducted by the Committee of Inquiry (COI), the body tasked to investigate Singapore’s biggest cyberattack, the SingHealth cyberattack. Last July 20, Singapore’s Ministry of Communications and Information and Ministry of Health issued a joint statementdisclosing that attackers stole non-medical related personally identifiable information of more than 1.5 million patients who visited SingHealth’s outpatient clinics…
Read More
Mind the Air Gap: Pros and Cons of Network Separation

Mind the Air Gap: Pros and Cons of Network Separation

Information Security
Mind the Air Gap: Pros and Cons of Network Separation The Singaporean Government recently completed the task of disconnecting staff computers at public healthcare facilities from the internet. Disconnecting the staff computers from the internet, also known as internet surfing separation, network separation or air-gapping, is aimed at preventing cyberattacks, Singapore's Deputy Prime Minister Teo Chee Heansaid at an engineering conference. The announcement of air-gapping or network separation at the public healthcare facilities in Singapore came on the heels of a major cyberattack at the Singapore Health Services (SingHealth), the country’s largest group of healthcare institutions. Singapore’s Ministry of Health, in a statement, said, non-medical personally identifiable information of more than 1.5 million patients who visited SingHealth’s outpatient clinics and polyclinics from May 1, 2015 to July 4, 2018 were…
Read More
WannaCry Still a Threat to Businesses

WannaCry Still a Threat to Businesses

Information Security, Security
WannaCry Still Threatening Businesses U.S. aircraft maker Boeing is the latest company hit by the infamous WannaCry malicious software (malware). Early in the day of March 28, 2018, Mike VanderWel, chief engineer at Boeing Commercial Airplane Production Engineering, sent out a memo informing his colleagues about the WannaCry cyberattack at the company’s North Charleston, South Carolina production plant, The Seattle Timesreported. VanderWel wrote that the cyberattack was “metastasizing” or spreading out of the company’s North Charleston production plant and could potentially “spread to airplane software”. By evening of March 28th, the company was calling for calm. “We’ve done a final assessment,” Linda Mills, head of communications for Boeing Commercial Airplanes, said in a statement. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption…
Read More