University researchers say that smart TVs are leaking sensitive, private user information to companies including Google, Facebook, and Netflix.
As reported by the Financial Times, smart television sets produced by popular vendors including Samsung, Apple, and LG, alongside content and app streaming devices such as Amazon's FireTV and Roku, are sending out information potentially without the knowledge or consent of users.
Researchers at AdaptiveMobile Security, a firm that specializes in cyber telecoms security, have disclosed a new SIM card attack method that could work against over 1 billion mobile phones, and they claim it has already been exploited by a surveillance company to track users.
The Health Insurance Portability and Accountability Act, better known as HIPAA, has been around since 1996, with the intent to protect patients by properly handling their protected health information (PHI).
With good intentions, HIPAA set forth to provide both security provisions and data privacy. The legislation was passed in the age of paper records, a time that required much different security measures than what we see today.
23 years later, it’s safe to say the ways in which we store, access, or transfer PHI have changed drastically. Of course, incredible changes and advancements in technology require changes to how we protect and safely handle patient data. Have we seen regulatory change with HIPAA regarding the digital age we now live in?
Verizon, the No. 1 mobile carrier in the United States, this week introduced a free version of its robocall-blocking app, which will be standard on all new Android devices. The company further announced that it will auto-enroll eligible Android users to its Call Filter service and block what are seen as "high-risk" calls.
This includes calls from numbers that have been reported as fraudulent. Those calls will be sent to voicemail, while the display on caller ID will indicate "Potential Spam" to warn callers that it is likely a robocall.
Android users also can set their phones to block all international incoming calls via both the free app and within the Call Filter Plus service, which Verizon introduced in March.
For more information, check out the article here.
Wikipedia, the global online encyclopedia experienced intermittent service outages between September 6 and September 7, 2019.
The attack was launched on September 6, 2019 (Friday) and targeted several countries including the U.K., France, Germany, Italy, the Netherlands, Poland, and parts of the Middle East.
For more information, check out the Cyware article here.
Phone numbers linked to over 400 million Facebook accounts were recently found on an online server that was not password-protected. The information in question, according to the report, included users' Facebook IDs — which are strings of numbers used by the company to uniquely identify an account — and the associated phone number for each account. Some records are said to have included the user's name, gender, and country in which they resided.
IFA, Europe's premiere consumer tech trade show, is a massive showcase in Berlin for companies to display their latest products in front of international media and hordes of showgoers. Companies like Amazon, Samsung, Electrolux, LG, Lenova and Qualcomm will be front and center at IFA, alongside other companies perhaps less familiar to American audiences.
IFA's official dates this year are Friday, Sept. 6, to Wednesday, Sept. 11. Press coverage begins Wednesday, Sept. 4, with the first media day.
The popular “CamScanner” Android App, downloaded by Android users more than 100 million times, was recently discovered to be riddled with offensive malware. Kaspersky researchers discovered the malicious components of the app following a series of negative reviews on the Google Play store.
CamScanner app scans documents using its Optical Character Recognition (OCR) feature and converts them into PDF files. The app is available for free download from the Google Play store. This popular app was developed and maintained by INTSIG Information Co Ltd and helps users to convert any printed document into a PDF file.
The app and its functionality seem to be legitimate as the app owners generate their revenue from the in-app advertisements. Security researchers also pointed out that one of the advertising libraries that the app owners pushed recently contained the malware component.
For full article, click here.
If you’ve wanted to just plug a physical security key into your iPhone to log into apps securely — instead of problematic text messages or paging over to your authenticator app — now you can. Yubico is releasing the $70 YubiKey 5Ci, the first security key that can plug into your iPhone’s Lightning port or a USB-C port, and it’s compatible with popular password vaults LastPass and 1Password out of the box.
The New York State Department of Health provides the types of healthcare providers which should be implementing this update notice protocol immediately:
Hospitals, nursing homes, and diagnostic and treatment centers,
Adult care facilities, and
Home health agencies, hospices, licensed home care services agencies.
Everything a crook needs to commit financial identity theft — personal data such as your SSN and bank account numbers — sells for about $25 on the black market. But stolen health insurance and medical records can fetch about $1,000 per person. The greater potential yield of medical identity theft justifies the higher price. Older Americans are particularly vulnerable; Medicare billing scams cost taxpayers over $60 billion a year.
Security firm Check Point has revealed it has found a way to hack every iPhone and iPad running iOS 8 right up to betas of iOS 13. This spread covers eight years of devices (iOS 8 supports the 2011 iPhone 4S) and, with Tim Cook stating there are 1.4BN active iOS devices around the world, this is worrying news for Apple owners.
Google is launching a beta of its augmented reality walking directions feature for Google Maps, with a broader launch that will be available to all iOS and Android devices that have system-level support for AR.
The Live View feature isn’t designed with the idea that you’ll hold up your phone continually as you walk — instead, in provides quick, easy and super-useful orientation by showing you arrows and big, readable street markers overlaid on the real scene in front of you.
As a Manager, you can divide your list of tasks into two categories: "ad-hoc" tasks and maintenance tasks. Examples of dealing with “ad-hoc” tasks include remediating gaps identified on a Risk Assessment and dealing with a security incident. There are also maintenance tasks that must be performed regularly. One example is tracking Employee Training. Another is a vulnerability scan. Read more —>
A series of ransomware attacks on school district systems leads the governor to declare the state's first cybersecurity state of emergency.
Louisiana is no stranger to declarations of emergency, but it never had one for a cybersecurity emergency — until this week. A series of attacks on school districts around the state led Governor John Bel Edwards to issue the declaration that brings new resources and statewide coordination to what had been a collection of local cybersecurity events.
For more information, check out the article here.
ALERT: Internet bad guys are now trying to trick you into filing an Equifax claim and get a $125 payment because your personal data was in the Equifax data breach. They are sending phishing attacks that look like they come from Equifax and when you click on the links, you wind up on a fake website that looks like it's Equifax, but will try to steal your personal information. Don't fall for it.
if you want to file a claim, go the the legit FTC website and click on the blue "File a Claim" button. The website will check your eligibility for that claim, not everyone's information was compromised. Here is the link to the FTC site: https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement
Security and HIPAA compliance can be difficult with the rise of healthcare apps and providers utilizing their own devices. In order to prepare themselves for this projected growth, telehealth systems need to be scalable to accommodate an increasing amount of data and technologic components. The purpose of this paper is to help define what characteristics make a telehealth infrastructure program successful in reaping the rewards of this revolution in healthcare.
Check out the Advantech paper here.
SkyPort IT has recently partnered with HIPAA Secure Now! (HSN), a comprehensive and affordable HIPAA Security service. HSN consists of policies and procedures that address: administrative, physical, and technical safeguards. The service also provides Risk Assessment, HIPAA Security Training and Compliance Testing, and 12 Months of use for the HIPAA Secure Compliance Portal.
As an example of their prowess, HSN managed to avoid a situation where a client could’ve been subjected to a fine for a breach—simply because HSN helped the client with everything to comply with regulations. An investigator from the Office of Civil Rights (OCR) stated in a response letter to the client breach that since they were using HSN along with an IT service, they had done all they could to comply with regulations. Therefore, the investigators found no reason to subject the client to a fine for a breach.
If you’re interested in this service, our information booklet can be found here.
Our CEO, Daniel Marcellus, will be a guest speaker on the subject of Ransomware, Cybersecurity, and IT Security at the August event for HDI Western & Central NY. This event will be held Tuesday, August 6, 2019 from 1:00 PM to 4:00 PM at Paychex University Park Lecture Hall in West Henrietta.
Please click here if you’re interested in registering for the event. For those attending, our Promo Code is SKYPORTIT. We hope to see you there!
SkyPort IT has been recognized by Healthcare Tech Outlook magazine as one of the top 10 Healthcare IT Service Providers of 2019. Within the magazine, you’ll find an article that discusses more about how SkyPort marries IT with HIPAA compliance.
Link to article.