More than $12 billion has been lost in decentralized finance, or DeFi, applications in 2021 - $10.8 billion of which is attributed to fraud and theft, a 600% increase from 2020, according to a new report from blockchain analytics firm Elliptic.
Federal regulators and Philips issued advisories pertaining to several security vulnerabilities in certain patient monitoring and medical device interface products from the manufacturer. Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn.
Chipmaker Intel has issued a security advisory for two high-severity vulnerabilities in the BIOS reference code in Intel processors that may allow privilege escalation attacks. The vulnerabilities have a high CVSS v3 score of 8.2.
CISA this week issued playbooks for incident and vulnerability response, providing federal civilian agencies with a standard set of procedures to both respond to incidents and address vulnerabilities on government networks.
Google’s Threat Analysis Group has released details of a watering hole campaign targeting a macOS zero-day exploit chain to install a never-before-seen malware on devices of users visiting Hong Kong websites of a media outlet and a prominent pro-democracy labor and political group.
Cloud video conferencing provider Zoom has released patches for multiple vulnerabilities in its product that could have allowed criminals to intercept data from meetings and attack customer infrastructure.
Federal authorities have issued alerts about security vulnerabilities identified in medical device products from manufacturers Siemens and Philips. The two advisories cover 13 flaws in Siemens' Nucleus Real-Time Operating System TCP/IP stack and three issues in certain Philips MRI products.
Zero Trust deployment - the acts of moving apps and data to the cloud and assuming no user or device is trustworthy until proven otherwise - came into vogue in response to COVID-19. A lot has changed since Zero Trust first appeared in 2014, so our concept of Zero Trust must also evolve. Stephen Banda of Lookout...
There's no question the attack surface has expanded exponentially over the past 20 months. But has attack surface management grown and matured to keep pace? Martin Sajon and Jason Hicks of Coalfire discuss the evolution and essentials of ASM.
The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a new directive - BOD 22-01 - requiring federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.
Typically, when manufacturing enterprises start to address IoT cybersecurity, there are the needs they know they have - and then the ones of which they are completely unaware. Entrust's David Low shares what needs to be done and where best to begin.
Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.
Roya Gordon of Accenture Security describes how rather than hunting for zero-day vulnerabilities, attackers are exploiting N-Day - or known - vulnerabilities. She also discusses how to better synthesize and act on threat intelligence.
OptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has patched the flaws.
Who's been launching distributed denial-of-service attacks against ransomware operators' sites and cybercrime markets? Disrupting ransomware operations that rely on Tor-based data leak sites and payment portals for double extortion is an obvious move for cutting into their profits.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.