A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24 As IoT encroaches further every day into our lives, often as a result of some marketing guy’s idea to flog their junk, the fear that it could all wreak havoc at some point catches me. This week a wonderful article hit my feed which highlights what could be reality for some now, and a great number in the years to come.

Hackers and cyber criminals have evolved social engineering tactics to trick unsuspecting individuals into divulging private information or valuable credentials. One such evolving tactic is typosquatting, a form of social engineering attack that tries to lure users into visiting malicious websites with URLs that are common misspellings of legitimate sites.

NERC is a non-profit organization that sets industry standards, educates and trains industry personnel and provides guidelines for grids. You can find the details on NERC and NERC reliability standards in our article. What is NERC? NERC refers to the North American Electric Reliability Corporation. It is a non-profit organization whose main aim is to provide necessary regulations that reduce the risks regarding reliability and security.

This is part 2 of a blog on healthcare security. For more info, check out part 1. An independent guest blogger wrote this blog. When it comes to data security, there is no more important place than the healthcare industry. When people go to the doctor, they provide all of their most sensitive information, from their health issues to their phone number, to a doctor they trust.

Over the last few decades, volumes of domestic and cross-border data flow have skyrocketed. Predictions from a team of software experts from Techjury estimated that in 2020, each person will generate 1.7 megabytes in just a second. The increase in data volumes, while increasing the efficiency of organizations through real-time decision making has also increased security breaches where consumer data is being exploited for gain.

Cybersecurity performance management is the process of evaluating your cybersecurity program's maturity based on top-level risks and the associated level of investment (people, processes and technology) needed to improve your security security to meet regulatory requirements and business outcomes. Security metrics improve decision making by helping risk management and security teams take a risk-based, outcome-driven approach to assessing and managing their organization's cybersecurity capabilities.

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.