Scientists from the University of Maryland and the University of Colorado Boulder say they have discovered a new way that attackers could launch reflected denial-of-service amplification attacks over TCP by abusing middleboxes and censorship infrastructure.
When is a data exposure not just a data exposure? According to a U.S. Securities and Exchange Commission order, education publishing giant Pearson misled investors when it failed to proactively inform them that attackers had stolen millions of rows of student information, including poorly hashed passwords.
The ransomware attack that targeted Colonial Pipeline Co. in May compromised the personal information of more than 5,800 individuals, mainly current and former employees, according to a breach notification letter.
During the COVID-19 pandemic, many healthcare sector entities - faced with so many new demands and added pressures - have shifted their attention and resources away from some of the most critical cybersecurity activities, says former healthcare CIO David Finn of consultancy CynergisTek.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Security researchers are tracking several ransomware gangs that are attempting to exploit a series of bugs in Microsoft Windows collectively called "PrintNightmare." Meanwhile, Microsoft has published an out-of-band alert about another zero-day flaw related to the PrintNightmare vulnerabilities.
Mark Ballister, CISO of the University of Rochester Medical Center and Jon Moore, chief risk officer of consulting firm Clearwater, discuss how the medical center's security risk management program has evolved since carrying out a HIPAA corrective action plan after two data breaches.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
Rebecca Herold, host of the podcast show "Data Security and Privacy with the Privacy Professor," weighs in on the state of cybersecurity and privacy education and gives her recommendations on how to remedy the many issues the security community faces today.
While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
In a letter sent to National Cyber Director Chris Inglis this week, a bipartisan group of lawmakers says clearer lines of demarcation are needed to better define the responsibilities of federal officials involved in cybersecurity.
A Houston-based gastroenterology practice notified all 162,000 of its patients and employees that their information had potentially been compromised in a January ransomware incident, saying it would have been too costly and time-consuming to pinpoint which individuals had data exposed. Was that the right move?
OT and IoT devices can pose patient safety concerns in healthcare environments, says Chris Frenz, an IT security leader of Mount Sinai South Nassau, a 455-bed teaching hospital in New York. He discusses mitigating the risks.
The answer to the increasing volume of challenges is not to just add another tool into the mix, it's to add the tools the organization is already using into an integrated cohesive mix.
As applications are no longer tied to infrastructure, you need security controls at the workload level that are shared dynamically with security in your network - for real-time, multi-layered protection. Micro-segmentation allows you to isolate critical resources to control access and is an important part of Zero...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.