Earlier this year, intruders probed weaknesses in the network firewalls of a U.S. power utility to attempt a distributed denial-of-service attack, but there was no disruption in electricity service, according a recently released report. The incident illustrates potential weaknesses in the power grid.
A mishap involving the mailing of breach notification letters has led a Tennessee hospice to issue a "corrective" privacy breach notification. The incident is yet another example of why healthcare organizations need to carefully scrutinize their breach response and notification processes.
Email server alert: Linux and Unix administrators should immediately patch a remotely exploitable flaw in Exim, one of the world's most-used message transfer agents, security experts warn. Attackers could abuse the flaw to deliver ransomware, spy on or spoof emails and possibly also take down cloud services.
HHS has slapped a Florida healthcare provider with an $85,000 settlement for failing to provide a mother with timely access to fetal monitoring records. The settlement with Bayfront Health St. Petersburg is the agency's first enforcement action in its "HIPAA right of access initiative."
Every week seems to bring a fresh installment of "patch or perish." But security experts warn that patch management, or the larger question of vulnerability management, must be part of a much bigger-picture approach to managing risk. And the challenge continues to get more complex.
A new weaponized proof-of-concept exploit for the BlueKeep vulnerability in Windows has been released by researchers at Rapid7 and Metasploit in an effort to help create a sense of urgency to patch the flaw.
Security by design, as its name suggests, is exactly that kind of a proactive approach. By ensuring that system components have been securely designed in the first instance, and that the system components will operate securely together, system architects can go a long way toward providing security and privacy by...
Even the most sophisticated cyber security strategy is not foolproof. You need to be ready for a cyber attack with a proactive, coordinated incident response plan. Use this resource to launch your own incident response strategy. With your incident response plan documented and tested, you can respond swiftly and...
When privileged account management (PAM) software is simple to use it gives you the agility and control you need to achieve your goals. Instead of forcing dependency on external experts or professional services engagements, simple software empowers you and your team to make decisions and customize as you need. Most...
Cybersecurity for Dummies eBook delivers a fast, easy read that describes what everyone needs to know to defend themselves and their organizations against cyber attacks - including simple steps everyone can take to protect themselves at work and at home. It empowers your employees to understand and recognize the most...
Federal regulators have recently issued three advisories on cybersecurity vulnerabilities identified in medical devices. Some experts say the spotlighted flaws are issues commonly found in legacy medical devices as well as other IT products.
Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration. Meanwhile, officials have shared lessons learned for managed service providers and customers.
A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn. Exploiting the flaws could enable attackers to gain full, remote access to targeted networks.
Bills now being considered in the Congress would make the Department of Homeland Security's Continuous Diagnostics and Mitigation Program available to all federal agencies and provide services to state and local governments to help them address cybersecurity challenges.