Tiss TISS | Security Consulting Inc. Governance, Risk, and Compliance Services

The U.S. Department of Health and Human Services warns that hackers are targeting IT help desks in the healthcare sector...
04/10/2024

The U.S. Department of Health and Human Services warns that hackers are targeting IT help desks in the healthcare sector using social engineering to enroll their own multi-factor authentication devices. By pretending to be employees and providing stolen verification details, they gain access to systems and divert bank transactions. Similar tactics have been used by cybercrime groups like Scattered Spider, highlighting the need for health sector organizations to implement stringent verification processes for sensitive requests.

πŸ’» Awareness is key in preventing social engineering attacks. If protecting privacy and security is a priority for you, let's set up a meeting. Our expert team is ready to provide comprehensive security training to your employees, ensuring they're well-equipped to protect your organization!

🌎 https://tiss.ai
πŸ“§ [email protected]

Read more:
https://www.bleepingcomputer.com/news/security/us-health-dept-warns-hospitals-of-hackers-targeting-it-help-desks/

PCI DSS v3.2.1 is retired now! If you accept payments by payment cards it’s mandatory for you to be PCI-DSS compliant an...
04/04/2024

PCI DSS v3.2.1 is retired now!

If you accept payments by payment cards it’s mandatory for you to be PCI-DSS compliant and to make sure you cover the new requirements in V4.0. The new version introduces over 50 new requirements, with some effective immediately and others by March 31, 2025.

The goal of the Payment Card Industry Data Security Standard (PCI-DSS) is to protect cardholder data and sensitive authentication data wherever it is processed, stored or transmitted.

πŸ’» If you want to get detailed guidance and resources on implementing PCI-DSS V4.0, schedule a meeting with us now!

🌎 https://tiss.ai
πŸ“§ [email protected]

Read more: https://blog.pcisecuritystandards.org/pci-dss-v3-2-1-is-retiring-on-31-march-2024-are-you-ready

Omni Hotels & Resorts has been experiencing a nationwide IT outage since Friday, affecting reservation systems, hotel ro...
04/03/2024

Omni Hotels & Resorts has been experiencing a nationwide IT outage since Friday, affecting reservation systems, hotel room door locks, and point-of-sale systems. While the root cause of the outage has not been disclosed, efforts are underway to restore the affected systems. The company expresses appreciation for guests' patience during this disruption.
Omni Hotels also disclosed a data breach in July 2016 after point-of-sales (PoS) systems at 49 of its 60 North American hotels were infected with malware. The attackers used the PoS malware to collect payment card information, including cardholder name, credit/debit card number, security code and expiration date between December 23, 2015 and June 14, 2016, depending on the location.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

Read more: https://www.bleepingcomputer.com/news/security/omni-hotels-experiencing-nationwide-it-outage-since-friday/

A new phishing-as-a-service (PhaaS) named Darcula is targeting iPhone users via iMessage among others, utilizing over 20...
03/29/2024

A new phishing-as-a-service (PhaaS) named Darcula is targeting iPhone users via iMessage among others, utilizing over 20,000 domains to spoof brands and steal credentials worldwide. Unique for using Rich Communication Services and iMessage instead of traditional SMS, it offers fraudsters over 200 templates for various services. Developed with modern technologies, Darcula's high-quality landing pages impersonate brands in multiple languages, emphasizing the evolution of phishing tactics.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

Google addressed seven security flaws in Chrome, including two zero-days showcased at Pwn2Own 2024. One vulnerability, a...
03/28/2024

Google addressed seven security flaws in Chrome, including two zero-days showcased at Pwn2Own 2024. One vulnerability, a type confusion in WebAssembly (tracked as CVE-2024-2887), and another, a use-after-free in WebCodecs (tracked as CVE-2024-2886), were exploited for remote code ex*****on. These fixes are part of Chrome's latest update, emphasizing the swift response to vulnerabilities exposed in hacking competitions.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

Microsoft confirmed a widespread issue causing Windows domain controllers to crash due to a memory leak introduced with ...
03/24/2024

Microsoft confirmed a widespread issue causing Windows domain controllers to crash due to a memory leak introduced with the March 2024 security updates. The problem affects servers running the latest Windows Server updates across several versions. The leak, stemming from the Local Security Authority Subsystem Service (LSASS) process, prompts servers to restart unexpectedly. Microsoft has acknowledged the issue, affecting all domain controller servers with these updates, and is working on a fix. In the meantime, Windows admins may need to uninstall the problematic updates to mitigate the issue .

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

United health group paid out more than $2 billion to help health-care providers who have been affected by the cyberattac...
03/23/2024

United health group paid out more than $2 billion to help health-care providers who have been affected by the cyberattack on subsidiary Change Healthcare. The U.S. Department of Health and Human Services’ Office for Civil Rights is carrying out the inquiry. The OCR enforces the Health Insurance Portability and Accountability Act’s security, privacy and breach notification rules, which most health plans, providers and clearinghouses are required to follow to protect health information.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization!

🌎 https://tiss.ai

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs ...
03/22/2024

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

AT&T has responded to a data leak affecting 70 million individuals, stating the data did not originate from their system...
03/21/2024

AT&T has responded to a data leak affecting 70 million individuals, stating the data did not originate from their systems. The leak was initially attributed to a 2021 breach and sold by the threat actor ShinyHunters. Despite the claim, AT&T maintains their systems were not compromised. The leaked data includes names, addresses, mobile numbers, and encrypted personal details, raising concerns over its source and potential misuse.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

&T

Fujitsu confirmed a cyberattack that compromised multiple work computers, leading to potential theft of personal and cus...
03/19/2024

Fujitsu confirmed a cyberattack that compromised multiple work computers, leading to potential theft of personal and customer information. The exact malware type or details of the stolen data weren't disclosed. Fujitsu has disconnected affected systems and is investigating the breach's scope. The incident has been reported to Japan's Personal Information Protection Commission. Fujitsu, a global tech company with about 124,000 employees, serves both government and private sector clients .

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

Hackers are exploiting a vulnerability in the aiohttp Python library, CVE-2024-23334, to target servers. This flaw allow...
03/17/2024

Hackers are exploiting a vulnerability in the aiohttp Python library, CVE-2024-23334, to target servers. This flaw allows unauthorized remote file access on servers using outdated aiohttp versions. Despite a patch released in aiohttp version 3.9.2, the presence of many vulnerable servers worldwide has led to increased scanning and exploitation attempts, notably by the ransomware actor ShadowSyndicate. The issue underscores the challenges of keeping open-source libraries updated to protect against such threats.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

France Travail, the French unemployment agency, experienced a data breach affecting 43 million individuals. Hackers acce...
03/15/2024

France Travail, the French unemployment agency, experienced a data breach affecting 43 million individuals. Hackers accessed personal details of job seekers and candidates from the past 20 years between February 6 and March 5. Exposed data includes full names, dates and places of birth, social security numbers, and contact information. While bank details and passwords were not compromised, the breach raises significant identity theft and phishing risks. This incident marks a record breach in France, surpassing previous significant data breaches in the country.

πŸ’» If security and privacy are your concern, schedule a meeting with us to help you safeguard your organization now!

🌎 https://tiss.ai

Address

Montreal, QC

Telephone

+14389262297

Alerts

Be the first to know and let us send you an email when Tiss posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Tiss:

Share