A popular line of portable electrocardiographs contains vulnerabilities that allow hackers to execute commands and access sensitive information, federal authorities warn. Device manufacturer Hillrom Medical has released a patch and coordinated disclosure with CISA.
EDR, MEDR, MDR, XDR - How does one begin to make sense of this alphabet soup that attempts to spell "detection and response?" Nirav Shah of Cisco discusses the merits of each of these options, as well as how one can start to make the decision on which is right for one's own organization.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
Two U.S. senators are backing a bipartisan proposal requiring the Food and Drug Administration to update its medical device cybersecurity guidance every two years. The bill is the latest move by Congress aimed at improving medical device security.
Insurance claims being filed by ransomware victims are growing as criminals continue to hit businesses with crypto-locking malware. To avoid these claims, organizations can take a number of proven steps to better protect themselves, says Payal Chakravarty of Coalition.
Issues with passwords are legion: too many to remember; inherent security weaknesses, and inconvenience, but while many look forward to the day when passwords are no more, for now they are ubiquitous because they are useful, and one of the best ways to enhance their security is through the use of a password manager.
A new Android malware that can steal financial data, credentials, crypto wallets, personal data and cookies; bypass multifactor authentication codes; and remotely control infected devices is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, has dismantled the infrastructure of a massive Russian botnet known as RSOCKS, which hacked millions of computers and other electronic devices around the world.
SentinelOne has expanded its detection and response capabilities beyond the endpoint in recent years with the acquisition of data analytics tech developer Scalyr and identity and deception technology vendor Attivo Networks, says Nicholas Warner, president of security.
The proliferation of IoT devices and cloud has created a more vulnerable attack landscape, while technologies such as AI and deep learning can potentially thwart zero-day threats, says Itai Greenberg, chief strategy officer at Check Point Software Technologies.
Cloudflare says it detected and mitigated "the largest HTTPS DDoS attack on record." The 26 million requests per second DDoS attack likely originated from hacked virtual machines and servers kept by cloud computing hosts and was likely exacerbated by computationally intensive encrypted web traffic.
Threats facing industrial control systems are well-documented, and as the Russia-Ukraine war continues, concerns are rising about reprisals aimed at poorly protected Western critical infrastructure, says Lionel Jacobs Jr., security architect for ICS and SCADA systems at Palo Alto Networks.
Organizations are struggling to implement all the security technology they've purchased and ensure they are protected across the most important areas of risk and posture, according to Amol Kulkarni, chief product and engineering officer at CrowdStrike.
An operator deploying BlackCat ransomware, also known as ALPHV, appears to have claimed the University of Pisa as its latest victim. University officials reportedly face a ransom demand of $4.5 million, a "discount price" that will jump to $5 million after Thursday.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.