If you’ve wanted to just plug a physical security key into your iPhone to log into apps securely — instead of problematic text messages or paging over to your authenticator app — now you can. Yubico is releasing the $70 YubiKey 5Ci, the first security key that can plug into your iPhone’s Lightning port or a USB-C port, and it’s compatible with popular password vaults LastPass and 1Password out of the box.
The New York State Department of Health provides the types of healthcare providers which should be implementing this update notice protocol immediately:
Hospitals, nursing homes, and diagnostic and treatment centers,
Adult care facilities, and
Home health agencies, hospices, licensed home care services agencies.
Everything a crook needs to commit financial identity theft — personal data such as your SSN and bank account numbers — sells for about $25 on the black market. But stolen health insurance and medical records can fetch about $1,000 per person. The greater potential yield of medical identity theft justifies the higher price. Older Americans are particularly vulnerable; Medicare billing scams cost taxpayers over $60 billion a year.
Security firm Check Point has revealed it has found a way to hack every iPhone and iPad running iOS 8 right up to betas of iOS 13. This spread covers eight years of devices (iOS 8 supports the 2011 iPhone 4S) and, with Tim Cook stating there are 1.4BN active iOS devices around the world, this is worrying news for Apple owners.
Google is launching a beta of its augmented reality walking directions feature for Google Maps, with a broader launch that will be available to all iOS and Android devices that have system-level support for AR.
The Live View feature isn’t designed with the idea that you’ll hold up your phone continually as you walk — instead, in provides quick, easy and super-useful orientation by showing you arrows and big, readable street markers overlaid on the real scene in front of you.
As a Manager, you can divide your list of tasks into two categories: "ad-hoc" tasks and maintenance tasks. Examples of dealing with “ad-hoc” tasks include remediating gaps identified on a Risk Assessment and dealing with a security incident. There are also maintenance tasks that must be performed regularly. One example is tracking Employee Training. Another is a vulnerability scan. Read more —>
A series of ransomware attacks on school district systems leads the governor to declare the state's first cybersecurity state of emergency.
Louisiana is no stranger to declarations of emergency, but it never had one for a cybersecurity emergency — until this week. A series of attacks on school districts around the state led Governor John Bel Edwards to issue the declaration that brings new resources and statewide coordination to what had been a collection of local cybersecurity events.
For more information, check out the article here.
ALERT: Internet bad guys are now trying to trick you into filing an Equifax claim and get a $125 payment because your personal data was in the Equifax data breach. They are sending phishing attacks that look like they come from Equifax and when you click on the links, you wind up on a fake website that looks like it's Equifax, but will try to steal your personal information. Don't fall for it.
if you want to file a claim, go the the legit FTC website and click on the blue "File a Claim" button. The website will check your eligibility for that claim, not everyone's information was compromised. Here is the link to the FTC site: https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement
Security and HIPAA compliance can be difficult with the rise of healthcare apps and providers utilizing their own devices. In order to prepare themselves for this projected growth, telehealth systems need to be scalable to accommodate an increasing amount of data and technologic components. The purpose of this paper is to help define what characteristics make a telehealth infrastructure program successful in reaping the rewards of this revolution in healthcare.
Check out the Advantech paper here.
SkyPort IT has recently partnered with HIPAA Secure Now! (HSN), a comprehensive and affordable HIPAA Security service. HSN consists of policies and procedures that address: administrative, physical, and technical safeguards. The service also provides Risk Assessment, HIPAA Security Training and Compliance Testing, and 12 Months of use for the HIPAA Secure Compliance Portal.
As an example of their prowess, HSN managed to avoid a situation where a client could’ve been subjected to a fine for a breach—simply because HSN helped the client with everything to comply with regulations. An investigator from the Office of Civil Rights (OCR) stated in a response letter to the client breach that since they were using HSN along with an IT service, they had done all they could to comply with regulations. Therefore, the investigators found no reason to subject the client to a fine for a breach.
If you’re interested in this service, our information booklet can be found here.
Our CEO, Daniel Marcellus, will be a guest speaker on the subject of Ransomware, Cybersecurity, and IT Security at the August event for HDI Western & Central NY. This event will be held Tuesday, August 6, 2019 from 1:00 PM to 4:00 PM at Paychex University Park Lecture Hall in West Henrietta.
Please click here if you’re interested in registering for the event. For those attending, our Promo Code is SKYPORTIT. We hope to see you there!
If you're one of the millions of Zoom video-conferencing users and have the app installed on a Mac, then you're being advised to check your settings to ensure you have the video camera disabled by default—the tickbox is "turn off my video when joining a meeting," and can be found in the video section of the settings.
This is because of a security flaw that has been disclosed today by researcher Jonathan Leitschuh under the zero-day approach. Users are also advised to ensure their apps are updated as patches are released by the company.
For more information, check out the Forbes article here.
One of SkyPort IT’s partners, Mercy Flight Central (MFC), recently hosted a fundraising event this past June at Cobblestone Creek Country Club. MFC provides service 24-hours a day, 7 days a week to more than 3 million people living in our area. The organization began operations as an advanced life support air ambulance service and has since expanded to become New York’s premier critical care air medical service.
We were happy to be a sponsor to this fun event. We would like to thank Mercy Flight Central for their continuing commitment in providing critical care to those in need, and for all they do for our community!
Smart home technology has come under increasing scrutiny in the past year. Although convenient to some, security experts have long warned that adding an internet connection to a device increases the attack surface, making the devices less secure than their traditional counterparts.
Having your “ducks in a row” took on a new meaning this year when SkyPort IT attended the 2019 NYSAASC Spring Conference in Saratoga Springs, NY. While there, we educated attendees on the increasing importance of HIPAA compliance within an IT infrastructure. When dealing with PHI, companies can never be too careful in making certain that they have policies and procedures in order to prevent a breach.
SkyPort IT would like to thank everyone for such an amazing time this year, and we hope to see you next year!
Twitter URLs could be abused for various activities including distributing malware, spread fake news, and redirecting users to a phishing page. This redirection trick is even more powerful on mobile devices, as the redirect is completely hidden and the tweet opens in the Twitter client.
To read more on how this could be done, check out Cyware’s article here.
U.S. Customs and Border Protection has confirmed a data breach has exposed the photos of travelers and vehicles traveling in and out of the United States.
The photos were transferred to a subcontractor’s network and later stolen through a “malicious cyberattack,” a CBP spokesperson told TechCrunch in an email.
For more information, check out the article here.