Book Review: What They Really Do With Your Medical Data

Posted by Scott Petry

Jan 28, 2017

Thumbnail: Book Review: What They Really Do With Your Medical Data - Illustration for Authentic8 blog review of Our Bodies, Our Data by Adam TannerSECURITY, IDENTITY, NEWS

Happy Data Privacy Day.  A new book provides an in-depth look at the commercial trade in patient medical data.  Sensitive data, a vibrant market, and not much cause for celebration.

*

A while ago, I wrote about the wave of data breaches at healthcare organizations and medical identity theft that is impacting millions and what we can do to protect ourselves better.

One of the readers of that post was acclaimed journalist Adam Tanner, who has reported on data collection and consumer privacy since 2012.

Adam and I have had an ongoing discussion on data privacy and security matters since we met a few years ago.  He was covering the issue for Forbes, and I had a chance to brief him on our secure browser solution.

A few weeks ago, he kindly directed my attention to an unknown - to me, at least - aspect of our personal medical records.

Topics: News, Identity

Industrial Control Systems Under Attack: Secure Browser, Anybody?

Posted by Scott Petry

Jun 28, 2016

Illustration: Blog Post Industrial Control Systems Under Attack - Secure Browser, Anybody?SECURITY, NEWS

The primary threats against Industrial Control Systems (ICS), the computing infrastructure at the heart of utilities and manufacturing plants, come from secret agent style espionage like you see in the movies, right? Wrong.

***

Remember the “Stuxnet” attack that sent the centrifuges in Iran’s Uranium enrichment plant into a self-destructive spin? In that attack, a USB stick was used to cross the security “air gap” of that unconnected computer, and drop malicious software on the (Windows-based) Siemens control units.

Now, attackers targeting critical infrastructure don’t even need to drop a USB stick in the parking lot. They can simply rely on employees opening a phishing email, or visiting a compromised website. That’s all it takes for a motivated outsider to wreak havoc, steal data or lock down critical ICS processes with ransomware.

Topics: News, Security

Must-Have Features of a Secure Virtual Browser

Posted by Gerd Meissner

Jun 21, 2016

Illustration: Whitepaper Cover - Why a Virtual Browser is Important for Your EnterpriseSECURITY, POLICY

How did the local browser become the “security sinkhole" of today’s enterprise? And, more importantly, what’s the alternative ? How can enterprise IT leaders protect their infrastructure against web-borne threats, without putting productivity at risk by restricting web access?

Topics: News, Security

Monthly News Roundup - December 2015 (TL;DR)

Posted by Drew Paik

Jan 1, 2016

2015-12-31_GCluley.png

NEWS

This month we learned that Microsoft’s browser is vulnerable and many people’s Java has security flaws. No, you haven’t traveled back in an infosec time machine. These old-fashioned headlines came back in a new way this month. Oh, and a mere 191 million people’s personally identifiable information was exposed online. Check out those stories plus much more in our December 2015 news roundup:

Topics: News

Monthly News Roundup - November 2015 (TL;DR)

Posted by Drew Paik

Dec 1, 2015

2015-11-30_SCMagazine.pngNEWS

This month we learned about a host of newfangled malware and hacks that compromise everyday websites, online ads, hotel chains, and British tabloids. Plus, State Department employees recently found out that their love of Facebook made them vulnerable to the Axis of Evil. Check out November’s biggest infosec headlines, below:

Topics: News

Monthly News Roundup - October 2015 (TL;DR)

Posted by Drew Paik

Nov 1, 2015

NEWS

October was Cybersecurity Awareness Month and look what we got you: A collector’s edition of this month’s news highlights. Network World also did a product overview of Silo.  According to the headlines, social engineering is on the rise, Flash remains vulnerable, and organizations that shouldn’t be hacked, are. Here’s a look back at October’s biggest infosec news:

Topics: News

Trojan Shmojan (or) How to undermine the world’s greatest digital security threat

Posted by Drew Paik

Oct 12, 2015

2015-09-29_FBI

NEWS

Late last month, a US federal court judge sentenced a Russian cyber criminal Dimitry Belorossov to four-and-a-half years in prison. Apparently, the not-so-nice Mr. Belorossov was guilty of using a computer virus to steal money from unwitting victims. His hacking tool of choice was a software program called Citadel. Citadel is a kind of malware known as a Trojan. It fools victims into giving criminals user IDs and passwords. It can also steal other other important information a user types into their device when they’re online.

Topics: News

Monthly News Roundup - September 2015 (TL;DR)

Posted by Drew Paik

Oct 1, 2015

2015-10-01_DarkReading

NEWS

International hacking was a big theme among this month’s headlines. In addition, we learned about the new dangers of router firmware and Apple’s not-so-secure app approval process. Network World also did a product overview of Silo. Those stories and more in the September InfoSec news roundup:

Topics: News

The lesson from the latest OPM revelation: Biometric security doesn’t cut it (on its own)

Posted by Scott Petry

Sep 24, 2015

2015-09-24_WashingtonPost

NEWS

This week, the Office of Personnel Management announced that the scope of their recent data breach was even larger than reported. Originally, OPM had said a mere 1.1 million people had their fingerprint data stolen; but the reported number of victims has now climbed to 5.6 million.

Topics: News

Monthly News Roundup - August 2015 (TL;DR)

Posted by Drew Paik

Sep 1, 2015

2015-09-01_Ars-Technica

NEWS

In the past 31 days, we saw some salacious information security headlines. That’s because Ashley Madison, the dating site for married people, suffered a major data breach. In addition, reports emerged with foreboding news about malvertising and man-in-the-cloud hacks. All that, plus much more, in our August monthly roundup:

Topics: News