2016 NCHICA Annual Conference The Rise of Ransomware in Healthcare – New Threats, Old Solutions Presenters: Chuck Kesler (CISO, Duke Health) & Jon Sternstein (Principal, Stern Security) August, 2016
NC HIMSS Annual Conference 2016 Multifactor Authentication – 2016’s Essential Security ProjectPresenters: Chuck Kesler (Duke Health), Jon Sternstein (Stern Security) April 20 & 21, 2016Hilton North Raleigh/Midtown Hotel3415 Wake Forest Rd, Raleigh, NC 27609
We have compiled a list of security measures to implement to either prevent ransomware or limit the damage. Organizations need not implement all of these in order to prevent ransomware. However, these are various strategies that can be implemented depending on the company. Security measures such as “application whitelisting” will prevent most malicious software on […]
Stern Security Labs analyzed a Locky ransomware sample. The following video shows an actual Locky ransomware attack on a Windows 7 machine. Watch how fast the ransomware encrypts the files on the computer. The computer is encrypted within one minute of clicking on the malicious “invoice.pdf” file! Ransomware attack demonstration from Stern Security on Vimeo.
In February 2016, PenTest Magazine’s was dedicated to “Cloud Pentesting”. This special edition featured an article by Stern Security’s Principal Consultant, Jon Sternstein. Here is an excerpt from the article: “A pair of eyes intently stares at the computer screen while ten fingers are furiously typing on the keyboard. The penetration tester smiles as he […]
We have recently received two samples of Locky maldoc (malicious document) ransomware from a healthcare institution. Ransomware is a devastating piece of malware that encrypts important files on an infected computer and demands ransom to decrypt the files. We will examine two samples. Both samples arrived via email and were not detected by spam filters […]
Background On January 22nd, 2016, the Food and Drug Administration released a draft guidance document titled “Postmarket Management of Cybersecurity in Medical Devices”. (Food and Drug Administration). This important document addresses the need for security throughout the lifecycle of several medical devices. Improving medical device security is a subset of President Obama’s February 19th, 2013 […]
ABC11 Stern Security’s owner, Jon Sternstein discusses a cyber attack in Cary, North Carolina affecting the state’s largest K-12 school system. To see the full article, go to: http://abc11.com/technology/cyber-expert-weighs-in-on-panther-creek-hack-attack/1072223/
11th Academic Medical Center Security & Privacy Conference Hosted by North Carolina Healthcare Information & Communications Alliance, Inc. (NCHICA) Implementing Multi-factor Authentication for Clinical ApplicationsPanel Leader: Todd Greene (Carolinas HealthCare), Panelist: Jon Sternstein (Stern Security) June 22-24, 2015 The Friday Center, Chapel Hill, NC
All Apple users need to enable two-step verification on their iCloud accounts if they have not already. This protects your account by confirming your identity through a text message in addition to your password. So even if someone steals your password, they would need to steal your phone as well to get into your iCloud […]