"It's stupid and adds zero value," writes Ian Keller, director of security at a telecom company, about connecting hospital networks - and especially life-sustaining information - to the internet. He encourages CISOs to be socially responsible about their moral obligation to patients.
The Department of Treasury and the Cybersecurity and Infrastructure Security Agency are soliciting comments on whether risks to critical infrastructure from a catastrophic cyberattack - and the concurrent potential for ruinous financial exposure by insurers - should lead to a new federal approach.
American Airlines says unauthorized access to its email system is behind a July data breach incident affecting more than 1,700 individuals. Someone synced with an employee's inbox to send out phishing emails that appeared to come from the Texas-based airliner.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
We have seen how ransomware can cripple an enterprise. But what about the threat of downtime revenue disruption - what toll can it exact? Tia Hopkins of eSentire discusses the role of managed detection and response in preventing downtime disruption.
A new malware dropper uncovered by Kaspersky targets would-be users of pirated software with a slew of nasty infections including backdoors, Trojan-Banker programs, downloaders, spyware and more. The cybersecurity company calls the dropper "NullMixer."
Identity protection, XDR, data analytics and cloud security have been SentinelOne's biggest investment areas, says CEO Tomer Weingarten. Cloud has become the fastest-growing part of SentinelOne's business, appealing even to customers who might have chosen a different vendor for endpoint security.
A phishing email led to the spread of the Cryptolocker Trojan inside the court system of Chile, adding to a growing list of cyber disruptions affecting the South American country. Court officials stressed that the virus was contained before it could disrupt judicial proceedings.
The person who stole nearly 10 million customer records from Australian telco Optus withdrew their AU$1.5 million extortion attempt after suddenly releasing 10,000 customer records. Also, Optus says it has not paid a ransom as it grapples with one of the largest data breaches in the country.
Ransomware hackers made good on a threat to publish patient and staff data stolen from a French hospital after administrators said they refused on principal to pay out. François Braun, French minister of social affairs and health, said that the government will "not give in to these criminals."
The U.S. federal agency responsible for the ongoing functionality of the nuclear weapons stockpile hasn't gotten its arms around how to secure operational technology, says the Government Accountability Office. More than 200,000 unique pieces of OT are deployed across nuclear weapon centers.
Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.
Two federal indictments against APT41, a Chinese state-sponsored hacking group, haven't slowed down its operations, the U.S. government acknowledges in a warning telling the healthcare sector to be vigilant about the threat actor. The hackers are believed to be at large, likely in China.
Financial services firms in Africa are becoming bigger cyber targets as they expand into new mobile payment and financial inclusion products. Rob Dartnall of Security Alliance explains why these firms need to invest in information sharing, training and new cybersecurity practices to avoid breaches.
Australia's Optus telco is facing a $1 million extortion demand to prevent the release of up to 11.2 million sensitive customer records. The data appears to be legitimate. The attacker tells Information Security Media Group an unauthenticated API led to the breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.