Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
Crisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts have lauded the Scottish Environment Protection Agency for its response, saying it's a model for other victims to emulate.
As healthcare sector organizations continue to fall victim to phishing incidents, the number of individuals affected by health data breaches involving compromised email accounts continues to rise.
IoT device manufacturer Ubiquiti revealed in a security notice that an attacker had attempted to extort money from the company following a December 2020 cyber incident - a fact not mentioned in the company's earlier notice about the attack.
CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
Microsoft says ransomware activity against compromised on-premises Exchange servers remains limited, but it warns that organizations are far from out of the woods.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
A recent phishing scheme used fake Microsoft Office 365 update messages to target financial executives and others in an effort to harvest their credentials, according to the security firm Area 1.
The U.S. electrical grid's distribution systems that deliver electricity directly to customers are increasingly prone to cyberthreats, and the Department of Energy needs to do more to protect this critical infrastructure, according to a GAO audit.
From Thursday through Monday, Check Point Research tracked a tenfold increase in the number of global attempts to exploit vulnerable on-premises Microsoft Exchange servers as organizations race to install patches.
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
Adobe has released security updates to address eight vulnerabilities, which, if exploited, could enable an attacker to take control of an affected system.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.