Blog

Network Segmentation and PCI Compliance

By: David Mundhenk and Ben Rothke

It was in the early days of PCI when we wrote Lightening the PCI Load: Solutions to Reduce PCI Scope. PCI compliance scoping was then, and still is, an intensively debated topic, even among PCI Qualified Security Assessors (QSA). The spirit and intent of that article and our follow-up piece in End-to-End Encryption: The... Read More
May 26, 2017

Ransomware Damage Report: 2017 Edition

Global ransomware damage costs predicted to exceed $5 billion in 2017, up from $325 million in 2015. Ransomware damages up 15X in 2 years, expected to worsen; Ransomware attacks on healthcare organizations will quadruple by 2020. – Steve Morgan, Editor-In-Chief

Ransomware — a malware that infects computers and restricts their access to files, often threatening permanent data destruction unless a... Read More
May 24, 2017

WannaCry Fact Sheet

Herjavec Group published its first threat advisory on the WannaCry attack on Friday, May 12th. In response to WannaCry, Herjavec Group’s Security Operations Centers immediately heightened awareness internally for IOCs and MD5 hashes that were attributed to the execution and symptoms of the attack. Over the 48 hours that followed, HG security engineers developed and deployed rules to all Managed... Read More
May 18, 2017

Protect Yourself from WannaCry and Other Ransomware Variants

Last week, thousands of companies across 150 countries felt the effects of an extensive ransomware cyberattack, known as ‘WannaCry’. The ransomware blocked users on infected computers from accessing their files, unless a ransom was paid, effectively crippling business operations for many enterprises across the globe. Financial and economic losses from WannaCry could swell into the billions of dollars, making it... Read More
May 16, 2017

Extensive Ransomware Cyberattack Reported on 16 Healthcare Institutions

There has been an extensive cyberattack today aimed towards Britain’s National Health Service, in which websites of 16 health institutions were targeted concurrently by cyber criminals. As a result, doctors were blocked from accessing patient files, causing hospitals to "divert ambulances and cancel appointments". Unlike DDoS attacks, a ransomware attack encrypts all the data on the affected computers and blocks users from accessing... Read More
May 12, 2017

Threat Update: Microsoft Releases Critical Security Update

Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Advisory 4022344 for details and apply the necessary update. To view the original US-CERT advisory, please click here. Herjavec Group circulates US... Read More
May 9, 2017

Threat Update: Intel Firmware Vulnerability (Updated)

Intel has released recommendations to address a recent vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an affected system. Users and... Read More
May 8, 2017

Threat Update: Intel Firmware Vulnerability

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an affected system. Herjavec Group aligns... Read More
May 2, 2017