ePHI stands for electronic protected health information. Electronic protected health information is protected under the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA. ePHI security is governed by the HIPAA Security Rule. With the rise of telehealth, covered entities need to understand the requirements for safely transmitting, storing, and using ePHI to be compliant with the Security Rule and to protect a patient’s privacy.

A manufacturing organisation providing direct goods and services is known as a vendor. If the same services and products are provided on behalf of a direct vendor, they are known as third-party vendors. Third-party vendors always have a direct written contract, but not each vendor and organisation works with contracts. The definition of an entity as a third-party vendor depends on the organisation hiring its services.

This month, Microsoft announced a vulnerability in NFS. The exploit lies in how an attacker can force a victim NFS server to request an address from the attacker’s fake NFS server. The address returned will overflow memory on the victim NFS server and cause a crash. Through Microsoft’s MAPP program, Corelight Labs reviewed a proof-of-concept exploit for this vulnerability and wrote a Zeek®-based detection for it. You can find a PCAP of this exploit in our GitHub repository.

This month, Microsoft announced a vulnerability in PPTP, a part of the VPN remote access services on Windows systems that runs on port 1723/tcp. Through Microsoft’s MAPP program, Corelight Labs reviewed a proof of concept exploit for this vulnerability and wrote a Zeek®-based detection for it.

With the Internet's widespread growth, South Africa has become quite dependent on it for economic affairs. This sharing of self-generated data is a boon to all business transactions and even social interactions. The increased dependence on the digital world raises significant concerns about cyber security. Cybercrime is a global problem that has affected South Africa, both in the private sector and in government.

We are excited to announce Quadrant Knowledge Solutions has named CrowdStrike as a 2022 technology leader in the SPARK Matrix analysis of the global Digital Threat Intelligence Management market. Among all 28 vendors in the report, CrowdStrike received the highest score in the Technology Excellence category. The SPARK Matrix evaluates top vendors in the Digital Threat Intelligence Management space on a variety of criteria and groups them into Leaders, Challengers and Aspirants.

I hope you’re doing well and enjoying weather as nice as we have here in Canada. It’s gardening season and I have big plans to make sure I (once again!) win my tomato competition with my neighbour. I’m on a winning streak and am planting twice as many this year to guarantee victory. 😃 1Password 8 has scored some big wins as well. Let’s take a look.

The great thing about working in the world of cybersecurity is that there’s always something new. You may think you’ve seen it all, and then something comes along that completely surprises you. And that’s certainly true of the GoodWill ransomware, which security firm CloudSEK described this week.

Trustwave SpiderLabs in early April observed a Grandoreiro malware campaign targeting bank users from Brazil, Spain, and Mexico. The campaign exploits the tax season in target countries by sending out tax-themed phishing emails. Grandoreiro was first detected in 2016 is one of the largest banking trojan families developed to strike targets Latin America.

Read also: GM hit by a cyberattack, the Conti ransomware gang shuts down operation, and more cybersecurity news of the week.