Vulnerability Management is a well-known cybersecurity essential. However the lines have blurred over the years regarding which vital practices fall under the VM classification.
Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.
Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.
In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.
Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.
DDoS and other cyberattacks against media outlets and critical services are what Guy Shafir, CTO of Israeli tech vendor WideOps, has been dealing with since the start of the terrorist attacks in Israel on Oct. 7. Shafir shared details about the response to these intense attacks.
The SEC recently charged SolarWinds and its CISO for fraud amid cybersecurity lapses. Most organizations are reckless in making statements to the market to preserve their company's stock prices, not realizing that this is tantamount to fraud, said experts.
President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.
European lawmakers slammed the EU executive branch's inaction after a parliamentary committee called for tougher rules designed to prevent spyware abuse across the trading bloc. More than half of European Parliament lawmakers backed a resolution demanding rapid action.
Despite the high frequency of major health data breaches involving vendors, many healthcare sector entities remain lax in their approach to manage and reduce third-party security risk, said Glen Braden, CIO and principal of compliance auditing firm Attest Health Care Advisors.
The Cybersecurity and Infrastructure Security Agency is requiring federal agencies to patch Linux devices on their networks and urging private sector organizations to do the same after security researchers observed threat actors exploiting a new vulnerability on many major Linux distributions.
The Australian government says it will mandate ransomware reporting by businesses, boost law enforcement capacity and fund startups with innovative cybersecurity solutions under a strategy unveiled Monday. "We cannot continue as we have," said Cyber Security and Home Affairs Minister Clare O'Neil.
In an age reliant on operational technology, ensuring robust security for diverse industries is crucial. Join us as we discuss operational challenges, highlighting specific threats faced by businesses today. Explore how the powerful alliance between HCLTech and Microsoft empowers organizations to safeguard critical...
A new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.
With experts warning that NetScaler ADC and Gateway devices are being exploited by nation-state and cybercrime groups, the manufacturer has again urged all users to "patch immediately" as well as terminate active sessions, which attackers can otherwise use to access devices even post-patch.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.