Healthcare is under fire and there’s no sign of the burn slowing. Look, it’s no secret that hackers have been targeting hospitals and other healthcare providers for several years — and probably no surprise that healthcare is one of the top target industries for cybercrime in 2018. In the US alone, in fact, more than 270 data breaches affecting nearly 12 million individuals were submitted to the U.S. HHS Office for Civil Rights breach portal (as of November 30, 2018).

Data breach is a major player when it comes to causing financial as well as reputational losses to a business. With the implementation of laws such as GDPR and a plethora of privacy debates going across the globe, unethical data collection or poor coding practices are the new players in the town. In the last two weeks, Microsoft and Instagram have been in the news – one for collecting MS Office user data while other for displaying passwords in the plain text.

Recently, an AlienVault customer reached out to ask how AlienVault handles the detection of zero-day attacks, which are exploits against previously unknown vulnerabilities. In this blog, I shed light on how we approach this.

When election interference is discussed, you probably think of “fake news” social media plots or hacked voting machines that manipulated outcomes. The truth is much more complicated. Election interference can come in many forms and have consequences that last long after an election cycle. Fortunately there are security measures elected officials, campaigns, and anyone with access to voter information can – and should – take to defend against election interference.

We all know information security is complicated and multi-faceted. You have plans to defend you from countless types of attacks and threats, but the risk is still there. Spear phishing is a common threat and your organization should have a plan of how to respond in the event of this type of attack.

The FBI & DHS issued a joint statement alerting businesses and consumers that cybercriminals are increasingly exploiting the Remote Desktop Protocol (RDP) administration tool. The notice states that using RDP as an attack vector has been on the rise since 2016, with attackers using open RDP ports to hijack machines or intercepting RDP sessions and infecting the system being remotely accessed with different types of malware.

According to Akamai’s recent report, “2018 State of Internet/Security Credential Stuffing Attacks”, worldwide malicious login attempts are on the rise. Akamai analyzed attack data from across the company’s global infrastructure and found that 3.2 billion malicious login attempts were made each month between January and April 2018. The company also found that 1.4 million usernames and passwords have been compromised this year alone.

A VLAN is used to share the physical network while creating virtual segmentations to divide specific groups. For example, a host on VLAN 1 is separated from any host on VLAN 2. Any packets sent between VLANs must go through a router or other layer 3 devices. Security is one of the many reasons network administrators configure VLANs. However, with an exploit known as 'VLAN Hopping', an attacker is able to bypass these security implementations.

Even as public awareness of data breaches grows, the popular conception of what information is sensitive, and how sensitive it is, lags behind the threats that individuals, businesses, and governments face today. The classic model for a data breach is individuals’ login credentials for banking or private identity information like their social security numbers, but there is equal– and in many cases far greater– value in information with less obvious potential for abuse.