Iranian hackers rambled across the Albanian government's network for 14 months before launching a ransomware and disk wiper attack in July, says the U.S. government. Iran exploited a Microsoft SharePoint vulnerability to gain access and then harvested credentials and exfiltrated data.
Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.
The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.
Cyberattacks against universities have forced academia to implement new rules and processes to safeguard sensitive research from adversaries such as China, Russia and Iran. Texas A&M set up an office in 2016 to oversee security around scholarship, and the office works to prevent foreign influence.
Public water systems in the United States will continue connecting control systems to the internet despite the risks, members of the House Homeland Security Committee heard today. Water systems need network connectivity for remote repairs, said an official with the National Rural Water Association.
SentinelOne is taking on top rival CrowdStrike in the venture arena, unveiling a $100 million fund to support security and data startups of all sizes. S Ventures will give the company broader reach in adjacent markets and enable high-value integrations that can grow over time.
Federal authorities have issued urgent advisories - and Medtronic a voluntary product recall - about a cybersecurity flaw in some of the company's insulin pumps. If exploited, the flaw could result in patients receiving too little or too much insulin, which in extreme cases could result in death.
From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.
Financial services giant Morgan Stanley will pay a $35 million fine to settle U.S. Securities and Exchange Commission charges that it failed to comply with rules requiring it to safeguard customer data as well as ensure it is disposed of properly.
Deep Instinct has tasked the former CEO of Palo Alto Networks and COO of Zscaler with reworking the company's go-to-market strategy to better serve large enterprises. The company has moved longtime executive Lane Bess from the executive chair to the CEO's seat to recruit experienced sales leaders.
Decentralized identifiers and verifiable credentials, in which consumers can use their digital identity credentials for a variety of tasks, have significant evolving potential within the realm of identity and access management, says Merritt Maxim, vice president and research director at Forrester.
CrowdStrike has purchased external attack surface management startup Reposify to help organizations detect and eliminate risk from vulnerable and unknown assets. This deal will allow CrowdStrike to combine its insights on endpoints and IT environments with Reposify's internet-scanning capabilities.
In the latest "Proof of Concept," David Pollino, former CISO of PNC Bank, and Ari Redbord, head of legal and government affairs at TRM Labs, join ISMG editors to discuss ethical concerns for CISOs, cryptocurrency regulations, and potential foreign interference in the U.S. midterm elections.
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
