Posts
- Don’t Forget About HIPAA Privacy!
- Healthcare IT Security- The Case For Penetration Testing
- Healthcare IT Cybersecurity
- Could Your Organization be the Next Ransomware Victim?
- Alexa in Senior Care Settings: HIPAA Considerations and Safeguards
- DiMaggio, Other Cybersecurity All-Stars Address Risks, Solutions at HIT Summit
- Your 6-Point Guide to Addressing Individuals Rights Under the HIPAA Privacy Rule
- Business Associates (BAs) are Essential to Healthcare Organizations
- Are You Ready for a Cyberattack? A Tabletop Test Can Tell
- Are Your Business Associates HIPAA Compliant?
- Notice of Privacy Practices
- Don’t Get Hooked by Phishing Attacks
- Business Email Compromise (BEC) – A Fast-Growing Scam!
- Fine on Mobile Device Loss in the Millions
- How Often Do I need a Security Risk Assessment?
- Office for Civil Rights fines Dental Practice for HIPAA Violation
- Don’t Forget About HIPAA Privacy!
- Annual OCR Breach Reporting Deadline Sneaking Up
- Are Your HIPAA Security Risk Analyses Good Enough?
- A Teleworking Policy Is a Must During COVID-19
- Steps to Avoid Teleconference Hijacking
- Phishing
- Implementing a Telehealth Policy During COVID-19
- The Unwavering Dedication of Nursing Home Workers
- Telehealth and Patient Consent
- Top 10 Routinely Exploited Vulnerabilities
- Guidance for Patients & Residents Using Telehealth Services
- COVID Phishing and Ransomware
- COVID-19 Resources and Topics
- Voice Control Devices and Remote Work
- Providing Devices for Patient or Resident Use
- Defending Against Remote Desktop Threats
- Remote Device Best Practices
- Work From Home User Concerns
- O365 Configuration Considerations
- Patching for Remote Users
- FAQs on Telehealth and HIPAA During COVID-19
- Reminders for Providers on HIPAA regarding Obtaining Consent and Notice of Privacy Practices
- Lost or Stolen Devices
- Top 3 Items for your Business Associate Agreement Tracker
- Must Haves in a Telework Policy
- Vulnerability Scans and Penetration Tests: What’s the Difference?
- Types of Phishing
- The Importance of Separation of Duties
- The Importance of Separation of Duties, cont.
- Least Privilege
- Access for Mobile Devices
- Security Awareness Training: What Should You be Covering?
- Monitoring Secure Areas in your Environment
- Incident Response Training: Is Your Team Prepared?
- Personnel Screening
- Access Agreements
- Personnel Transfers
- Personnel Termination
- “Position Risk Designation: What it is and how it keeps onboarding consistent”
- Media Sanitization
- Media Marking
- The Risks of Relay Authentication Attacks
- Mitigating the Risks of Relay Authentication Attacks
- Do you know who is visiting your facilities?
- The Impact of a Breach
- Where is your organization’s data?
- Policy and Procedure Review
- National Cybersecurity Awareness Month
- Ransomware Advisory
- Risk Analysis and Management is Worth It
- Terminating User Accounts
- As Ransomware Attacks Increase So Should Preparedness
- Mitigating the Password Spray Threat: Stopping Modern Hacks
- Phishing Attempts on the Rise
- Press Release: COVID-19 and Ransomware – a Nightmare Scenario That BlueOrange Compliance is Looking to Fix
- BOC Alert – SolarWinds Orion Platform SUNBURST Vulnerability
- The Importance of Multi-Factor Authentication
- OCR Cracking Down with HIPAA Right of Access Initiative
- The Designated Record Set
- Top 5 Security Threats of 2020 and What You Can do About It
- Law Requires HHS to Incentivize Security
- 5.1 Million Dollar Settlement for Data Breach
- HIPAA’s Minimum Necessary Requirement
- BOC Alert: SonicWall Zero-Day Vulnerability
- The Risks of Shared Passwords
- Upcoming Webinar: Analyzing the OCR HIPAA Settlements of 2020 – Tips, Pitfalls, and What To Avoid
- Secure Disposal of PHI
- Password Complexity Reminder!
- A Reminder to Keep Visitor Logs
- Penetration Testing with BlueOrange
- BOC Alert: Microsoft Exchange Server Zero-Day Vulnerability
- HIPAA Right of Access Initiative Continues!
- A Zero Trust Security Model
- Mobile Device Best Practices
- BlueOrange Webinar: Conditional Access – When Multifactor Authentication is Not Enough
- End User Phishing Reminder!
- Adopt a Clean-Desk Policy
- Security Awareness Training: What Should You be Covering?
- 21st Century Cures Act Final Rule Goes Into Effect
- HIPAA’s Right of Access Initiative Isn’t Slowing Down
- Vulnerability Scans and Penetration Tests: What’s the Difference?
- Incident Response Training: Is Your Team Prepared?
- The Ransomware Task Force is Calling for Action
- Industry Best Practices
- NIST is Asking for Input
- Upcoming BlueOrange Webinar: Workstation Compromised. Now What? – 05/27/21
- DarkSide Ransomware Group
- Top 3 Items for your Business Associate Agreement Tracker
- FBI Issues FLASH Alert Due to Ransomware Attacks on Healthcare Agencies
- MSTIC Alert on New Wave of Attacks
- Penetration Testing with BlueOrange
- The White House is Urging Corporate Business Leaders to Protect Against Ransomware
- Ransomware is Finally Getting the Necessary Attention
- Right of Access Initiative – Number Nineteen
- Cyber Insurance Carriers are Requiring Ransomware Prevention Measures
- Upcoming BlueOrange Webinar: Ransomware & Cyber Insurance – What is Changing and What do I Need to Know? – July 29th, 2021
- Mitigating the Risks of Relay Authentication Attacks – Reminder!
- BOC Alert: Microsoft Windows Elevation of Privilege Vulnerability
- BlueOrange Webinar: Ransomware & Cyber Insurance – What is Changing and What do I Need to Know? – July 29th, 2021
- BOC Alert – PetitPotam NTLM Relay Attack
- CISA Releases Alert on Top Exploited Vulnerabilities
- The Ever-Rising Importance of Access Control
- Security Awareness Reminder – Password Spraying
- CISA’s Urgent Warning to Patch ProxyShell Vulnerabilities
- The Rise of Hurricane-Related Scams
- PwnedPiper and the Threats Facing Healthcare
- The Secure Disposal of PHI
- Conti Ransomware Sparks Joint CISA, FBI and NSA Advisory
- Multiple Security Updates Released
- The Importance of Media Marking
- CISA Creates Known Exploited Vulnerabilities Catalog
- Guidance on Vaccine Status and HIPAA
- Terminating User Accounts
- Least Privilege
- BOC Alert – Upcoming Holidays Could Include an Increase of Cyberattacks
- Security Reminder – Reporting Security Incidents
- BOC ALERT – CRITICAL Apache Log4j Zero-Day Vulnerability
- Policy and Procedure Review Reminder
- The Difference Between Vulnerability Scans and Penetration Tests
- Upcoming Webinar: How Threat Actors are Gaining Access through Unresolved Log4Shell Vulnerabilities
- Right of Access Initiative has Reached 25 Settlements
- CISA – Layering Network Security Through Segmentation
- 2021 Trends Show Ransomware is an Increased Globalized Threat
- SAFER Guides: What You Need to Know
- Preparing for State Sponsored Russian Cyber-Attacks
- ORANGE Alert | PrintNightmare Vulnerability Being Exploited by Russian State-Sponsored Cyber Actors
- The DEV-0537 Okta Compromise
- What You Need to Know: Cyber Incident Reporting for Critical Infrastructure Act of 2022
- The PATCH Act of 2022 Introduced
- Reminder of CISA’s Vulnerability Catalog
- Executive and C-Suite IT Security Buy-in
- The BlueOrange Security Analysts
- The BlueOrange Project Coordinators
- ORANGE ALERT | MSDT “Follina” Vulnerability
- Security Reminder – Physical Security
- The BlueOrange Offensive Security Analyst
- Verizon’s 2022 Data Breach Investigation Report
- Recent Telehealth Guidance from HHS
- Switching to Modern Auth in Exchange prior to October 1st
- Microsoft August Updates
- Cyber Insurance is Cracking Down on MFA
- HHS Resources
- OCR Settles Case – Improper Disposal of PHI
- CISA’s #StopRansomware: Vice Society Alert
- Iran’s Cyberattack on Albania
- Security Reminder – Cyber Threat Season
- BlueOrange Product Catalog
- Hurricane Related Scams
- Right of Access Initiative Reaches 41 Settlements
- Security Reminder – Reporting Security Incidents
- Recognized Security Practices Video Released by HHS
- Policy and Procedure Review Reminder
- The Benefits of a Password Manager
- Security Reminder – Reporting Security Incidents
- Software Supply Chain Security
- ORANGE ALERT | Windows 7, Windows 8.1, Server 2008 R2 No Longer Supported
- EHR Optimization & Best Practices: Where are you on your EHR Journey?
- The Joint Cyber Defense Collaborative Announces it’s 2023 Planning Agenda
- BlueOrange Client Sees a Decrease in Cyber Insurance Premium
- Mobile Device Best Practices – Security Reminder
- Right of Access Initiative Reaches 43 Settlements
- Now Offering Phishing Awareness Testing & Training
- Access Agreements Should be Required
- Notifications of Enforcement Discretion Set to Expire
- Penetration Testing with BlueOrange, Part 2
- HHS Resources
- Tracking Technologies and Cyber-Insurance
- Reminder of CISA’s Vulnerability Catalog
- Multifactor Authentication Security Reminder
- Baseboard Management Controller Security
- Unsecured Server Results in $75k HHS Settlement
- Executive and C-Suite IT Security Buy-in
- The Difference Between Vulnerability Scans and Penetration Tests
- The Importance of Media Marking
- Hurricane Related Scams, again
- OCR is on Right of Access Settlement Number 45
- Cybersecurity Awareness Month is Here!
- MFA – Cybersecurity Awareness Month
- Strong Passwords – Cybersecurity Awareness Month
- BlueOrange Penetration Testing
- Pen Testing | HIPAA Cybersecurity Practice
- Recognizing and Reporting Phishing
- ORANGE ALERT – Zero-day Vulnerabilities in Chrome and iOS
- End User Phishing Scams Reminder!
- Take Advantage of CISA’s Vulnerability Catalog
- Hospital Shares Too Much Info with the Press – Reaches Settlement with OCR
- Focusing on the Importance of Access Control
- ORANGE ALERT – AT&T Breach Update
- ORANGE ALERT – Rise in IRS Scams
- 6 Critical Steps to Protect Against Cyber Attacks
- ORANGE ALERT – Palo Alto Vulnerability CVE-2024-3400
- ORANGE ALERT – Cisco ArcaneDoor Vulnerabilities
- ORANGE ALERT – Kaiser Permanente Data Breach
- ORANGE ALERT – Update Kaiser and Change Healthcare Breaches
- ORANGE ALERT – Ascension Healthcare Network Cyberattack
- ORANGE ALERT – Copilot+PCs Recall Feature Privacy and Security Concerns
- Healthcare Cyber Security for RiverSpring Living
- ORANGE ALERT – MOVEit Vulnerability & Kaspersky Software Banned in U.S.
- ORANGE ALERT – OpenSSH – regreSSHion
- Penetration Testing for Healthcare Cyber Security
- ORANGE ALERT – Cisco Smart Software Manager On-Prem Vulnerability
- ORANGE ALERT – CrowdStrike Defect in Update for Windows Hosts
- Phishing Awareness Boosts Hospital Cyber Security
- ORANGE ALERT – CRITICAL Microsoft Vulnerability (CVE-2024-38063)
- ORANGE ALERT – Veeam Backup & Replication Software Vulnerability
- ORANGE ALERT – Fortinet Confirms Zero-Day Vulnerability
- ORANGE ALERT – Large Scale Spear-Phishing Campaign
- ORANGE ALERT – Palo Alto Patches Zero-Day
- ORANGE ALERT – LDAPNightmare PoC Exploit for CVE-2024-49113/CVE-2024-49112
- Healthcare Prepares for Enhanced HIPAA Audits