Microsoft Teams' link preview feature contains four vulnerabilities that allow attackers to access internal Microsoft services, spoof the link preview and - for Android users - leak their IP address and use DoS attacks against their Teams app/channels. Three of the four flaws remain unpatched.
A flaw in a Bluetooth-enabled at-home COVID-19 test, which has since been fixed, would have allowed individuals to change test results from positive to negative, and vice versa, says a report by the security researcher who discovered the problem. Are other medical IoT products at similar risk?
The U.S. Department of Homeland Security this week announced a "Hack DHS" bug bounty program to identify potential cybersecurity vulnerabilities within its systems and to increase DHS' overall cyber resilience. Hackers uncovering vulnerabilities will be compensated by the department.
What's in store for defenders as attackers increasingly try to target the ubiquitous Apache Log4j vulnerability? "Everyone is a target," says veteran cybersecurity leader Etay Maor, whose team at Cato Networks has been analyzing hundreds of attacks that already attempt to exploit the flaw.
Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.
Multiple security researchers have spotted threat actors already exploiting the Apache Log4j vulnerability by deploying Muhstik and Mirai botnets to target Linux devices. Their advice: Ensure to remove any existing compromise before patching, and expect this flaw to be exploited for the long term.
It's no surprise that as some ransomware-wielding criminals have been hitting healthcare, pipelines and other sectors that provide critical services, governments have been recasting the risk posed by ransomware not just as a business threat but as an urgent national security concern.
A former employee of a New York-based technology company, likely to be IoT technology company Ubiquiti, has been arrested for stealing confidential data and extorting his employer for nearly $2 million. If convicted, the suspect faces up to 37 years in prison.
Ransomware continues to dominate headlines with no sign of slowing down. What started more than 30 years ago has become one of the most prevalent and lucrative cyberattacks that does not discriminate by company size, industry or geography.
Learn how the latest advances in privileged user monitoring can close windows of opportunity for attackers and keep business-critical data safe from credential theft, lateral attack movement, ransomware, and other threats.
SASE adoption is being driven by numerous factors, including the opportunity to address the challenges with unmanaged applications and devices, provide greater visibility into various tasks, and ensure consolidation of investments in the networking infrastructure to bring down the administrative cost, according to a...
Pfizer has sued a former employee, alleging she uploaded to her personal devices and accounts thousands of files containing confidential information and trade secrets pertaining to the company's vaccines and medications, including its COVID-19 vaccine, to potentially provide to her new employer.
Could the internet of things be made more secure? A draft law in Britain would impose stronger cybersecurity regulations for manufacturers, importers and distributors of smartphones, TVs, toys and other "connected" digital devices, backed by the threat of fines of up to $13 million for noncompliance.
Vulnerabilities in the Cisco ASA and Cisco FTD firewalls can lead to a denial of service attack, says Positive Technologies researcher Nikita Abramov. There is no workaround that addresses these vulnerabilities, but Cisco has released software updates and asks users to install them immediately.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.