A Canadian man has been handed a three year prison sentence after being found guilty of buying and selling over 1700 stolen identities on a dark web marketplace. 29-year-old Slava Dmitriev, who went by the online handle of “GoldenAce”, bought and sold individuals’ personal private information, including social security numbers, on the AlphaBay dark web marketplace in 2016 and 2017.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires healthcare entities to implement policies and procedures to safeguard the privacy and security of the protected health information (PHI) of patients. One core requirement is to perform risk assessments. This article explains what a risk assessment is according to HIPAA and offers guidance about the steps involved.

As organizations became increasingly interconnected globally, every business started adapting to the digital model for all their transactions, fearing that otherwise they would be left behind in the race. Unfortunately, this has turned out to be a catch-22 as threats to cybersecurity are continually increasing. The rise in attacks was partly due to Log4j that helped to boost the cyberattack attempts to an all-time high in Q4 2021.

The Splunk Threat Research Team is monitoring open channel intelligence and government alerts indicating the possibility of malicious campaigns using destructive software in relation to ongoing geopolitical events. Based on historical data of named geopolitical actors, the use of destructive payloads has been observed in past campaigns.

Advanced cybersecurity threats have heightened the harm of data breaches. At the same time, individuals have become increasingly aware of the information they share with companies, and expect organizations to protect that sensitive information. These two trends have led companies to invest in information security and data privacy practices.

It’s not easy to prepare for the natural disasters that might happen and devastate your business. Still, just as civil defense teams prepare for hurricanes, floods, heat waves and other adverse natural events, businesses need to develop a solid plan to confront the same.

Like a loner wolf, are you among those software developers who work independently instead of being part of a company or an organization? If yes, you may have one major issue of not being recognized as any significant brand name for the software you develop. You may even have a headache of getting trusted by browsers and operating systems and bypassing ugly warning messages like an unknown publisher.

The collection process of an EV Code Signing certificate is quite different compared to the OV (Organization Validated) Code Signing certificate. But it also offers additional security practices that aren’t provided by a standard code signing certificate. Nonetheless, here in this piece of article, we’ll discuss how to setup your EV Code Signing certificate so you can move further with digitally signing your applications and software.

Data governance is the principled approach to managing data during its life cycle — from the moment you generate or collect data to its disposal. Good data governance ensures that data is kept private, accurate, usable, and most of all: secure. Data governance is a broad term, and as a result, good data governance encompasses everything from user behavior to technology to policies and compliance regulations.

The cybersecurity talent shortage is real. As of December 2021, a job-tracking database from the U.S. Commerce Department showed nearly 600,000 unfilled cybersecurity positions. And a 2021 study found that 57% of cybersecurity professionals worked at organizations that have been directly impacted by the cybersecurity talent shortage. Even so, many organizations want to “shift security left” or build security best practices earlier into the software development lifecycle (SDLC).