How to Design a Vendor Management Process

Whether you’re a small business or a global enterprise, over the last decade or so outsourcing business functions to third-party vendors has become essential to your business operations. Vendors are used in nearly every business process. They provide …

Quest Diagnostics pins breach affecting 11.9 million patients on debt collector

Medical data and financial information of nearly 12 million people may have been compromised in a data breach at a billing firm that works with Quest Diagnostics, the laboratory company said in a regulatory document. The exposed information included credit card numbers and bank account details, Quest said Monday in a U.S. Securities and Exchange Commission filing. The New Jersey-based corporation is one of the giants in the medical testing industry, with more than $7.5 billion in revenue in 2018. Quest said the American Medical Collection Agency notified it on May 14 about a security incident. AMCA discovered that an outsider infiltrated its web payment system and accessed data belonging to other companies, including Quest Diagnostics. Quest had outsourced its billing work to Optum360, a health care revenue-cycle manager, which contracted AMCA. AMCA describes itself as a provider of “professional debt collection services are providers that specialize in collecting delinquent accounts,” according to […]

The post Quest Diagnostics pins breach affecting 11.9 million patients on debt collector appeared first on CyberScoop.

Are Your Vendors Compromising Your Compliance?

When the European Union’s comprehensive privacy legislation, the General Data Protection Regulation (GDPR), went into effect last year, it put privacy compliance on the road map for many companies, including those where it wasn’t traditionally a prior…

Apple Fixes MacOS High Sierra Root Access Vulnerability

Apple has released an emergency fix for an embarrassing vulnerability that allowed people to access the highest-privilege account on Mac computers without a password. The vulnerability was disclosed by a user Tuesday on Twitter. He noticed that when p…

Microsoft uncovers hacking operation aimed at software supply chain

Microsoft researchers recently uncovered a sophisticated hacking campaign that was serving targeted malware to “several high-profile technology and financial organizations.” The unidentified hackers reportedly compromised a set of third-party editing software tools by injecting malicious code into the programs’ updating mechanism, the Windows Defender Advanced Threat Protection research team found. The recent findings underscore the threat organizations face through vulnerable, third-party applications. In many cases, such applications and services are commonly integrated into a company’s IT infrastructure, widening the attack vector for hackers. “[A] forensic examination of the Temp folder on [a] affected machine pointed us to a legitimate third-party updater running as service,” a Microsoft blog reads. “The updater downloaded an unsigned, low-prevalence executable right before malicious activity was observed. The downloaded executable turned out to be a malicious binary that launched PowerShell scripts bundled with the Meterpreter reverse shell, which granted the remote attacker silent control. The binary is detected by […]

The post Microsoft uncovers hacking operation aimed at software supply chain appeared first on CyberScoop.