The Log4j vulnerability has underscored once again the widespread dependence on open-source software projects and the lurking risks. Patrick Dwyer of OWASP says such projects deserve more resources to avoid major security vulnerabilities.
Oracle announced on Monday that it plans to acquire healthcare technology vendor Cerner Corp. in an all-cash deal valued at $28.3 billion, which is expected to close by the end of 2022. But what are the potential health data privacy and security implications?
For anyone hoping to celebrate the decline and fall of ransomware by year's end, think again. While some notable operations have bowed out - at least in name - threat intelligence firm Intel 471 warns that newcomers now account for the majority of attacks, and attack volume is "still on the rise."
Multiple new attacks exploiting the explosive Apache Log4j vulnerabilities have been uncovered, including a newly discovered JavaScript WebSocket attack, threat actors injecting Monero miners via Remote Method Invocation and the comeback of an old and relatively inactive ransomware family.
Healthcare sector entities, like organizations across most industries, are being warned by authorities to carefully assess how the recently identified remote code execution vulnerability in the Apache Log4j Java logging library might affect their environments. What steps should they take?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including mitigating the Apache Log4j zero-day vulnerability, findings from a new report analyzing the Conti ransomware attack on Ireland's Health Services Executive and President Biden's drive to...
The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.
A New Jersey cancer treatment center and two of its affiliated entities have agreed to pay $425,000 and to bolster data security and privacy practices in a settlement with state regulators in the wake of two related 2019 data breaches.
Attackers tied to China, Iran, North Korea and Turkey have been targeting or testing exploits of the ubiquitous Apache Log4j vulnerability. Vendors are rushing to identify and patch supported software and hardware as cybersecurity agencies urge organizations to mitigate the threat and beware exploit attempts.
Mandiant® named a Leader for Worldwide Incident Readiness Services
The 2021 IDC MarketScape report on worldwide incident readiness services notes the strengths of Mandiant® in providing proactive guidance that helps clients understand the current threat landscape, its potential impacts and how to protect against...
Security and IT teams racing to mitigate the threat posed by the ubiquitous Apache Log4j 2.14 flaw are facing a new problem: Which version of the patched software should they deploy - 2.15.0 or the newly released 2.16.0?
What's in store for defenders as attackers increasingly try to target the ubiquitous Apache Log4j vulnerability? "Everyone is a target," says veteran cybersecurity leader Etay Maor, whose team at Cato Networks has been analyzing hundreds of attacks that already attempt to exploit the flaw.
An anesthesiology practice and an accounting firm are among the latest organizations reporting ransomware-related health data breaches. Meanwhile, other entities and vendors that serve the healthcare sector are dealing with their own challenges and fallout involving recent ransomware incidents.
Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.