The Department of Homeland Security has issued this emergency directive. “DHS DIRECTIVE 21-01 - Treat all hosts monitored by the SolarWinds Orion monitoring software as compromised by threat actors and assume that further persistence mechanisms have been deployed." Visit the DHS Website and…

FoxPointe Solutions has been closely following the major data breach that was recently announced involving Cit0day, as well as the subsequent analyses to accurately identify the true risk levels that could be associated with it. Following the emergence of updated forensic reports, it has been…

Like almost every organization doing business in 2020, HITRUST® has had to adopt some changes due to the COVID-19 Pandemic. As the year progressed and we were able to see the long-term impact that COVID-19 has caused, we began to see changes in guidelines and options for HITRUST-related…

Credible information regarding a well-known Russian cybercriminal organization plotting a mass ransomware attack across the United States healthcare industry led officials from the Federal Bureau of Investigation and the Department of Homeland Security to formally warn industry executives of the…

From the nation’s shift to a remotely working culture to the upcoming elections we must maintain our awareness to the importance of Information Security. So far in 2020, there are many significant breaches that remind us of the importance of remaining information security aware and protective…

In 2020, protecting an organization from cyber-attacks means that you need a plan to combat ransomware. Ransomware infections can be expensive, and costs can encompass more than just financial decisions. Paying a ransom to retrieve encrypted data is never an ideal situation and the cost to do so is…

Every October since 2004 marks National Cybersecurity Awareness Month. This month raises awareness about the importance of cybersecurity and how to protect yourself from cybercrime. Reduce Your Cyber Risk Below are the top 5 things you can do to safeguard yourself: Do not ignore operating system or…

Phish - SpearPhish now VISH! DON’T GET HOOKED Now is the time to reassess your cybersecurity program and your Computer Security Incident Response Program (CSIRP). The alert below from the FBI and CISA details the VISH risk, but it is up to you to get protected! As always – please let us…

As was originally reported by the technology website Ars Technica and by several Albany, NY-based business and news publications such as Times Union, an Albany-based accounting firm recently suffered a ransomware attack most likely from the ransomware ring known as Maze. Maze and other ransomware…

While the majority of America’s attention is undoubtedly currently focused on issues of race and the ongoing COVID-19 pandemic, two weeks ago, India made a decision that has far-reaching global implications. In a press release issued on June 29th, the Press Information Bureau of India…

Our globe is linked through a fragile network that deals with healthcare, government, banking, and corporate data, while DoS attacks, website defacement, and other cyber-attacks are on the rise. The number of phishing attacks alone has skyrocketed over the last few years. Cyber Risk By the Numbers…

COVID-19 has introduced many challenges to personal and professional lives. While we continue to adapt, we must remember to continue to perform sound security and privacy practices, including when it comes to vendor management. We look to vendors as trusted partners for many aspects of our supply…

The 2020 Global Security Report, issued by cybersecurity and managed service provider, Trustwave, is an annual report detailing facts and trends observed in the world of information security. This annual report analyzed the threats and statistics observed throughout the world in 2019, and the…

The toll on life in the United States and the world left by COVID-19 has been great. The impact on our families, health, businesses, and the world economy will be felt by many for years to come. Hospitals of every type — private and public, urban and rural — are especially paying a heavy…

You know you are living in a crazy time when there is a pandemic consuming the entire world and it mysteriously causes all the toilet paper to disappear off the shelves. But the true indication of craziness is when Apple and Google, notorious technology rivals, come together for the common good and…

As part of our everyday lives, both in and out of the workplace, having a heightened awareness for information security is getting more important by the day. As innovation in technology heavily influences how our government, business, and day to day lives operate, new potential methods of…

In all of my years in information technology and information security, I was trained to reduce the risks of a computer virus. Never in my wildest imagination did I think I would have to deal with risks related to a different type of virus – a biological one. While it may not be apparent at a…

This past December, the Office of the Comptroller of Currency (OCC) released the fall edition of its Semiannual Risk Perspective, a report that addresses key issues facing Financial Institutions, focusing on those that pose threats to the safety and soundness of banks and their compliance with…

CrowdStrike, an industry-leading next generation anti-virus software as a service solution provider, recently published a report of its observations from its incident response investigations that it conducted during 2019. The report is the product of numerous investigations, pulling in data from a…

Investment risk management is ultimately about protecting and growing your assets over your time horizon. This involves addressing the aspects of your investment program that can be controlled and then minimizing your exposure to what cannot be controlled. Information Technology (IT) risk management…