Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk analysis is defined as the process of identifying, reviewing, and analyzing any existing or potential cybersecurity risks that could negatively impact a business. Performing a cybersecurity risk analysis helps your company identify, manage, and safeguard data, information, and assets that could be vulnerable to a cyber attack. Such an analysis helps to identify systems and resources, determine the risk, and create a plan for security controls that can help protect your company.

Our first breach report of 2024 concerns Boston’s retired Fallon Ambulance Service (FAS). When operating, FAS was a medical transcription company serving emergency services and other affiliated companies. Transformative Healthcare (TH) oversaw FAS as a support component of their telephone services. TH absorbed FAS in December 2022 but retained patient data in compliance with their legal obligations.

Bunker Hill Community College (BHCC) serves a population of about 13,000 across two campuses and dispersed locations. BHCC offers over 100 degrees, including arts, sciences, business, health, law, and STEM opportunities. In May 2023, BHCC experienced a ransomware event—officials responded by taking their systems offline—but the threat was successful nonetheless. The assailants stole an estimated 195,588 records in their attack.

In an era where remote management is vital, IoT remote access is indispensable for the modern overseer. But how do you ensure these remote interactions are secure? We’ll delve into straightforward strategies that fortify against threats without delving too deep into technical jargon, providing a clear guide for anyone needing to remotely access and manage IoT devices with confidence.

Jeremiah Cornelius, Technical Lead for Alliances and Partners at AlgoSec, discusses how Cisco Nexus Dashboard Orchestrator (NDO) users can achieve policy-driven application-centric security management with AlgoSec.

Monster, a novel Ransomware-as-a-Service (RaaS) built on Delphi, surfaced in March 2022 and caught the attention of the BlackBerry Incident Response (IR) team during an incident investigation. After its initial appearance, Monster’s capabilities and its ransomware partnership program were promoted on the Russian Anonymous Marketplace (RAMP) in June. The mastermind behind Monster ransomware later introduced an enhanced version named Beast Ransomware, incorporating advanced features.

Fascinating article at TechXplore, December 28, 2023.