The potential harm of a malicious URL is so great that they are considered one of the biggest threats to the digital world, especially when we talk about attacks and threats that arrive by email.

An exploit is a piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data. Once vulnerabilities are identified, they are posted on Common Vulnerabilities and Exposures (CVE). CVE is a free vulnerability dictionary designed to improve global cyber security and cyber resilience by creating a standardized identifier for a given vulnerability or exposure.

Organizations are increasingly preoccupied with strengthening the digital security of their industrial control systems (ICS). They no doubt heard FireEye reveal that it had detected a second intrusion by the same actor behind Triton malware at a second critical infrastructure organization. More recently, they likely heard confirmation of a digital attack that struck the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu, India back in September.

The great management thinker, W. Edwards Deming, famously said something to the effect of, “If you can’t measure it, you can’t manage it.” It’s hard to argue with Deming’s logic, but there’s a consideration that comes before measurement, and that’s discovery. Before anyone measures or manages anything, they have to be able to accurately find and understand the things being measured, managed, improved, and transacted.

I recently took – and passed – the CompTIA Security+ exam (Sec+). Sec+ is a general introduction to multiple functional areas of security, ranging from network security to access control and identity management, for anyone looking to break into the space. For context, I have no previous training as a network or security professional, and my educational background was finance and Russian, nothing related to security.

Malware is an imminent threat for organizations. In order to protect your systems from it, you need to be informed about it. In this article, we will take a closer look at malware and malware outbreaks.

Patient health information is governed by robust rules that determine how this data is handled, stored, and accessed. Federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA) and various state laws strengthen patient rights. HIPAA set a baseline for regulatory compliance with patient health information. Under the “preemption” language in the rule, no state may create less effective or weaker medical privacy protection for individuals.

This is a guest blog by Kim Crawley. I’ve worked in cybersecurity for about a decade, but I’ve been autistic for my entire life. Careers usually start in adulthood, but autism is something children are born with. And contrary to what some people assume, autism doesn’t disappear at age 18. Autism is for life. Unfortunately, once autistic people become adults, services become a lot less plentiful.

Ransomware hit Louisiana’s state government hard yesterday, shutting down multiple websites and email systems after it fell victim for the second time in just a few months to a ransomware attack.