Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.
Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.
Trend Micro says it has seen increasing attempts to infect home routers for use as proxies and for DDoS attacks. The battle is primarily being fought by three bot families - Mirai, Qbot and Kaiten - that enable low-level fraudsters to hide their activity.
The rapid pace of change for the the industrial internet of things will open up new risks for attacks and will require close attention to security, according to a new study from the Lloyd's Register Foundation.
A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
As information technology and operational technology converge, security leaders face the challenge of protecting the enterprise against advanced threats, says Richard Peters of Fortinet, who discusses how IT and OT teams can find a common language.
The COVID-19 pandemic has highlighted the need for organizations to quickly embrace change and adapt to the "new normal" to maintain business continuity. Greg Foss of VMWare Carbon Black offers insights on how to adapt and survive.
Digital transformation, IoT deployments and government regulations are creating new security challenges, especially for financial institutions. Steven Mond of Forescout explains how a mature network segmentation strategy can help address those challenges.
The British government has officially reversed course and will now ban Huawei's telecom gear from its 5G networks. The ban on use of the Chinese firm's equipment, based in part on U.S. sanctions against the manufacturer, goes into effect at year's end.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.
Manufacturers are increasingly adding connectivity to everyday devices, but it's not always evident how privacy and security is managed. Detailed technical labels could give purchasers more insight, says Pardis Emami-Naeini, a post-doctoral scholar at Carnegie Mellon University.
As cyberthreats facing healthcare organizations soar, medical device maker Becton, Dickinson and Co. has ramped up its process for coordinated disclosure of vulnerabilities to help identify, assess and communicate issues to regulators and industry stakeholders, says BD's Dana-Megan Rossi.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
A newly uncovered Russia-based business email compromise gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.