Medical Emergency – Allscripts was hacked!

Posted on

We spent all weekend helping our customers affected by the Allscripts malware attack. A limited number of Allscripts services went down Thursday after a ransomware incident, according to an emailed statement from company spokeswoman Concetta Rasiarmos.

AllScripts allows physicians to send electronic prescriptions to pharmacies. Patient data is sent to a pharmacy for order completion – by being hacked and compromised, patient data is at risk!

New variant of SamSam – a ransomware family linked to several attacks against medical providers – is behind the Allscripts outage

The EHR giant is investigating the incident to provide further details.

“We are working diligently to restore these systems, and most importantly, to ensure our clients’ data is protected,” wrote Rasiarmos. “We regret any inconvenience caused by this temporary outage.”

In a conference call for customers on Saturday, which Salted Hash listened-in on, Allscripts’ Jeremy Maxwell, director of information security, said their PRO EHR and Electronic Prescriptions for Controlled Substances (EPCS) services were the hardest hit by the ransomware attack.

Other services had availability issues as well, but those have since been restored, such as direct messaging and some CCDA functionality.

The following email was sent to Providers:

From: NYSDOH HEALTH NOTIFICATION [mailto:notify01@health.ny.gov]
Sent: Friday, January 19, 2018 9:20 PM
To: Lisa Eng
Subject: Alert: For your immediate attention: AllScripts Cyber Event

Click here when you are ready to confirm receipt of the email.
If you can not click the above link use the following URL by copying into your browser.
https://apps.health.ny.gov/pub/cgi-bin/applinks/pubforms/AlertAcknowledge2?AID=9909950yag3dqb6av

Type: Alert
Description of Alert: For your immediate attention: AllScripts Cyber Event
Source Organization: NYSDOH
Authorizing Person: Sally Dreslin
Sender’s Jurisdiction: state
Document Date: 01/19/2018
Date of Alert: 01/19/2018

The Department of Health (DOH) is aware that a cyber incident regarding AllScripts has occurred. This may have an impact on the ability for hospitals, clinics, nursing homes, individual prescribers and pharmacies to transmit and receive prescription electronically. It is permissible for those impacted to use paper official prescriptions in accordance with New York State regulations. Should you have urgent questions in this regard, please contact DOH at (866) 811-7957 or off-hours at (866) 881-2809.

Recipients:
Dental Practices – Controlled Substance Prescription Data Reviewer (CSPDR)
Dental Practices – Controlled Substance Prescription Data Submitter (CSPDS)
Dental Practices – HPN Coordinator
Hospital (ext clinic) – Administrator
Hospital (ext clinic) – Director, Nursing
Hospital (ext clinic) – Emergency Response Coordinator
MDs as organizations – Controlled Substance Prescription Data Reviewer (CSPDR)
MDs as organizations – Controlled Substance Prescription Data Submitter (CSPDS)
MDs as organizations – HPN Coordinator

For questions: Please send an e-mail to debra.sottolano@health.ny.gov, as notify01 is a non-monitored mailbox.

Alert – Highest priority emergency communication; warrants immediate action or attention by the recipient.
High Advisory – High priority does not warrant immediate action but recipients should be aware.
Advisory – Provides very important information for a specific incident or situation that does not require immediate action.
Updates to Alerts and Advisories – Provides updated informa tion regarding an incident or situation; unlikely to require immediate action.
Informational Message – Provides timely information, important for review or serves as a reminder for an action that should be taken.

Click here when you are ready to confirm receipt of the email.
If you can not click the above link use the following URL by copying into your browser.
https://apps.health.ny.gov/pub/cgi-bin/applinks/pubforms/AlertAcknowledge2?AID=9909950yag3dqb6av

Don’t Fall Victim!

OnGuard Remote Backup platform has helped many customers over the bast few months recover from encryption ware based attacks! We offer a trusted protection platform that’s flexible enough to meet your current and future business needs. Our LIVE support works with you to help recover your systems quickly.

We are also introducing several new OnGuard security products this year geared to protect your business.

Onguard Mail Essentials powered by GFI: Protect your business against email-borne junk, viruses, spyware, phishing and other malware threats.

Hardware Firewalls with Advanced Security Protection: We are working with our U.S.A. based developers in order to provide proactive protection of your entire network, reducing your exposure to cyber threats at a price point that will not decrease your bottom lime.

  • Protection against polymorphic malware, using smart cloud based AV engine and definitions powered by Kaspersky.
  • GFI Directory support for non Active Directory environments which enables far more flexibility when managing users in these environments.
  • Support for Microsoft Windows Server 2016.
  • Several reliability and performance improvements alongside a patch rollup of all the previous bug fixes that were released to date.
  • Advanced spam-blocking technology with a spam capture rate of over 99% and close to zero false positives
  • Hassle-free spam management, includes a web-based email management dashboard and reporting tool

We’re Taking The Fight To The Spammers!

UPDATE – Spam Control Experiment

Posted on

A few weeks ago I explained my experiment on how I can control my spam doing nothing else but unsubscribing from emails I receive and don’t want.

Its been about 12 weeks since I began this experiment. My initial results in the first 3 weeks were amazing. I reduced my spam emails by 50%. It’s a little work to unsubscribe from some lists. If you remember, sometimes you need to unsubscribe several times, add REMOVE to your email subject, find the unsubscribe button in the email and sometimes a combination of all the above.

Now its Christmas – what better time to stop the spam emails to lists you never signed up for. and to verify our experiment. Since early October, I have intensified my unsubscribing and not allowed ANY emails I do not need to not be unsubscribed. Naturally, as I ordered items, visited web sites and performed my daily work tasks, my email will always be on another list – so i was very diligent in my immediate unsubscribing.

Results as of December 6, 2017

COMPLETE SUCCESS! – my mailbox has been reduced by 80% of junk mail. Where at nite, I would receive a few dozen emails, now I can go hours without a single unwanted email. Some experimentation with our intrusion detection software shows that attacks have been lessened, email’s with viruses loads have been reduced and our firewalls have seen a reduction in threat assessments. Therefore we can posit that the reduction in spam emails can make out network and business somewhat safer.

Therefore – unsubscribe from unwanted emails – except from us!

TLDR – Too Long, Didn’t Read

Unsubscribe from unwanted emails as you receive them – it will protect your network and decrease your incidences of viruses as well as clean you inbox!

 

Merry Christmas to all!

Windows 10 Fall Creators Update Begins Deployment

Posted on

Beginning on October 17th, 2017 at 10 a.m. P.T., the Windows 10 Fall Creators Update will begin rolling out to Windows 10 PCs across the world.

You don’t have to do anything to get the update; it will roll out automatically to you through Windows Update if you’ve chosen to have updates installed automatically on your device. Once the download is complete and the update is ready to install, you will be prompted to begin the installation. the update takes roughly 45 minutes or more to complete depending on your computer’s speed.

If you don’t want to wait for the update to roll out to you, you can manually check for updates on your computer using the steps below. This will only work if your device is eligible to get the Fall Creators Update. Alternatively, you can manually get the update today via the Software Download Site. This option is only recommended for advanced users on devices running a licensed version of Windows 10. If you’re using a Windows 10 PC at work, you will need to check with us for details on your organization’s specific plans to update.

[su_button url=”http://www.bulldogtechinc.com/our-story/contact-us/” target=”blank” background=”#bf1e2e” color=”#ffffff” size=”10″ wide=”yes” center=”yes” icon=”icon: arrow-down” icon_color=”#ffffff”]Contact Us[/su_button]

Ways to get the Windows 10 Fall Creators Update

1. To manually find out if your device is part of the first phase rollout, check for updates on the Windows Update settings page.

In the Search tab, type “Settings”. On the Settings page, navigate to Update & security > Windows Update

On the Windows Update page, simply click Check for updates. This will also check if your device is up to date with the latest monthly security updates.

If your device is part of the first phase of roll out, the feature update may begin downloading immediately to your PC. You can still use your PC as you normally would while the update downloads in the background.

Once the download is complete you’ll be prompted to select the best time to complete installation so as not to disrupt what you are doing.

If the update doesn’t begin downloading after you click “Check for Updates” on the Windows Update page, you’ll see a message stating “Your device is up to date.” This means your device has all the updates available for it based on your device’s eligibility at this time. At this point we recommend waiting until the Fall Creators Update is rolled out to your device automatically.

2. Manually update for advanced users

As an advanced user, you have two manual installation options. The recommended method is to utilize the Update Assistant. To do so, click the Update Now button on the Software Download Site. You’ll need a licensed version of Windows 10 to use this method to get the feature update. Alternatively, you can download and run the Media Creation Tool on the same site, which will help you perform a clean installation or reinstall of Windows 10.

We hope you enjoy the Windows 10 Fall Creators Update and the many new features it brings. Click here to learn about all the new features in the Windows 10 Fall Creators Update. If you have feedback about your experience, please use the Feedback Hub app to share it with us. We’ll share more on how we roll out the Fall Creators Update shortly!

Potential Issues

So far, we noticed the following issues occuring after an upgrade. We will update this list as more are discovered:

  1. Dual Monitors: if you have dual monitors, you may need to disable the secondary one. When loading the video drivers, the install may lock up and need to be restarted.
  2. Password Protected Sharing: If before the update you had this feature turned off, it will get turned back on after the update. This may cause issues accessing network shares. To resolve, simply turn it back off.

Hyatt Hotels discovers card data breach at 41 properties

Posted on

Read Article at CNBC

Hyatt Hotels said Thursday it discovered unauthorized access to payment card information at certain Hyatt-managed locations worldwide between March 18 and July 2.

Hyatt said the incident affected payment card information, such as, cardholder name, card number, expiration date and internal verification code, from cards manually entered or swiped at the front desk of certain Hyatt-managed locations.

The owner of Andaz, Park Hyatt and Grand Hyatt chain of hotels said a total of 41 properties were affected in 11 countries, with China accounting for 18 properties, the most among impacted countries.

Seven Hyatt properties were affected at U.S. locations, including three in Hawaii, three in Puerto Rico and one in Guam.

The Chicago, Illinois-based company said its cyber security team discovered signs of the unauthorized access in July and launched an internal investigation, completed on Thursday, that resolved the issue and took steps to prevent this from happening in the future.

This is not the first time Hyatt is facing data breach problem at its hotels.

In late 2015 Hyatt said its payment processing system was infected with credit-card-stealing malware, that had affected 250 hotels in about 50 countries.

Tech Giants, Once Seen as Saviors, Are Now Viewed as Threats

Posted on

Read article at MSN

SAN FRANCISCO — At the start of this decade, the Arab Spring blossomed with the help of social media. That is the sort of story the tech industry loves to tell about itself: It is bringing freedom, enlightenment and a better future for all mankind.

Mark Zuckerberg, the Facebook founder, proclaimed that this was exactly why his social network existed. In a 2012 manifesto for investors, he said Facebook was a tool to create “a more honest and transparent dialogue around government.” The result, he said, would be “better solutions to some of the biggest problems of our time.”

Now tech companies are under fire for creating problems instead of solving them. At the top of the list is Russian interference in last year’s presidential election. Social media might have originally promised liberation, but it proved an even more useful tool for stoking anger. The manipulation was so efficient and so lacking in transparency that the companies themselves barely noticed it was happening.

The election is far from the only area of concern. Tech companies have accrued a tremendous amount of power and influence. Amazon determines how people shop, Google how they acquire knowledge, Facebook how they communicate. All of them are making decisions about who gets a digital megaphone and who should be unplugged from the web.

Sign Up For the Morning Briefing Newsletter

Their amount of concentrated authority resembles the divine right of kings, and is sparking a backlash that is still gathering force.

“For 10 years, the arguments in tech were about which chief executive was more like Jesus. Which one was going to run for president. Who did the best job convincing the work force to lean in,” said Scott Galloway, a professor at New York University’s Stern School of Business. “Now sentiments are shifting. The worm has turned.”

News is dripping out of Facebook, Twitter and now Google about how their ad and publishing systems were harnessed by the Russians. On Nov. 1, the Senate Intelligence Committee will hold a hearing on the matter. It is unlikely to enhance the companies’ reputations.

Under growing pressure, the companies are mounting a public relations blitz. Sheryl Sandberg, Facebook’s chief operating officer, was in Washington this week, meeting with lawmakers and making public mea culpas about how things happened during the election “that should not have happened.” Sundar Pichai, Google’s chief executive, was in Pittsburgh on Thursday talking about the “large gaps in opportunity across the U.S.” and announcing a $1 billion grant program to promote jobs.

Underlying the meet-and-greets is the reality that the internet long ago became a business, which means the companies’ first imperative is to do right by their stockholders.

Ross Baird, president of the venture capital firm Village Capital, noted that when ProPublica tried last month to buy targeted ads for “Jew haters” on Facebook, the platform did not question whether this was a bad idea — it asked the buyers how they would like to pay.

“For all the lip service that Silicon Valley has given to changing the world, its ultimate focus has been on what it can monetize,” Mr. Baird said.

Criticism of tech is nothing new, of course. In a Newsweek jeremiad in 1995 titled “Why the Web Won’t Be Nirvana,” the astronomer Clifford Stoll pointed out that “every voice can be heard cheaply and instantly” on the Usenet bulletin boards, that era’s Twitter and Facebook.

“The result?” he wrote. “Every voice is heard. The cacophony more closely resembles citizens band radio, complete with handles, harassment and anonymous threats. When most everyone shouts, few listen.”

Such complaints, repeated at regular intervals, did not stop the tech world from seizing the moment. Millions and then billions of people flocked to its services. The chief executives were regarded as sages. Disruption was the highest good.

What is different today are the warnings from the technologists themselves. “The monetization and manipulation of information is swiftly tearing us apart,” Pierre Omidyar, the founder of eBay, wrote this week.

Justin Rosenstein, a former Facebook engineer, was portrayed in a recent Guardian story as an apostate: Noting that sometimes inventors have regrets, he said he had programmed his new phone to not let him use the social network.

Mr. Rosenstein, a co-founder of Asana, an office productivity start-up, said in an email that he had banned not just Facebook but also the Safari and Chrome browsers, Gmail and other applications.

“I realized that I spend a lot of time mindlessly interacting with my phone in ways that aren’t serving me,” he wrote. “Facebook is a very powerful tool that I continue to use every day, just with more mindfulness.”

If social media is on the defensive, Mr. Zuckerberg is particularly on the spot — a rare event in a golden career that has made him, at 33, one of the richest and most influential people on the planet.

“We have a saying: ‘Move fast and break things,’” he wrote in his 2012 manifesto. “The idea is that if you never break anything, you’re probably not moving fast enough.”

Facebook dropped that motto two years later, but critics say too much of the implicit arrogance has lingered. Mr. Galloway, whose new book, “The Four,” analyzes the power of Facebook, Amazon, Google and Apple, said the social media network was still fumbling its response.

“Zuckerberg and Facebook are violating the No. 1 rule of crisis management: Overcorrect for the problem,” he said. “Their attitude is that anything that damages their profits is impossible for them to do.”

Joel Kaplan, Facebook’s vice president of global public policy, said the network was doing its best.

“Facebook is an important part of many people’s lives,” he said. “That’s an enormous responsibility — and one that we take incredibly seriously”

Some social media entrepreneurs acknowledge that they are confronting issues they never imagined as employees of start-ups struggling to survive.

“There wasn’t time to think through the repercussions of everything we did,” Biz Stone, a Twitter co-founder, said in an interview shortly before he rejoined the service last spring.

He maintained that Twitter was getting an unfair rap: “For every bad thing, there are a thousand good things.” He acknowledged, however, that sometimes “it gets a little messy.”

Despite the swell of criticism, the vast majority of investors, consumers and regulators seem not to have changed their behavior. People still eagerly await the new iPhone. Facebook has more than two billion users. President Trump likes to criticize Amazon on Twitter, but his administration ignored pleas for a rigorous examination of Amazon’s purchase of Whole Foods.

In Europe, however, the ground is already shifting. Google’s share of the search engine market there is 92 percent, according to StatCounter. But that did not stop the European Union from fining it $2.7 billion in June for putting its own products above rivals.

A new German law that fines social networks huge sums for not taking down hate speech went into effect this month. On Tuesday, a spokesman for Prime Minister Theresa May of Britain said the government was looking “carefully at the roles, responsibility and legal status” of Google and Facebook, with an eye to regulating them as news publishers rather than platforms.

“This war, like so many wars, is going to start in Europe,” said Mr. Galloway, the New York University professor.

For some tech companies, the new power is a heavy weight. Cloudflare, which provides many sites with essential protection from hacking, made its first editorial decision in August: It lifted its protection from The Daily Stormer, basically expunging the neo-Nazi site from the visible web.

“Increasingly tech companies are going to be put into the position of making these sorts of judgments,” said Matthew Prince, Cloudflare’s chief executive.

The picture is likely to get even more complicated. Mr. Prince foresees several possible dystopian futures. One is where every search engine has a political point of view, and users gravitate toward the one they feel most comfortable with. That would further balkanize the internet.

Another possibility is the opposite extreme: Under the pressure of regulation, all hate speech — and eventually all dissent — is filtered out.

“People are realizing that technology isn’t neutral,” Mr. Prince said. “I used to travel to Europe to hear these fears. Now I just have to go to Sacramento.”

Follow David Streitfeld on Twitter @DavidStreitfeld