Cisco has released an urgent software update to fix a critical authentication bug that can allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.
Cyber Command and the U.S. Cybersecurity and Infrastructure Security Agency issued alerts Friday warning those using Atlassian's Confluence and Data Center products that attackers are actively exploiting the critical remote code execution vulnerability CVE-2021-26084.
Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group that carried out the supply chain attack against SolarWinds, according to a financial filing with the SEC.
Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
DuPage Medical Group in suburban Chicago has been smacked with a lawsuit following its recent "network outage" health data breach, which was reported to regulators as potentially affecting the protected health information of more than 655,000 individuals.. What are plaintiffs alleging?
The latest edition of the ISMG Security Report features an analysis of data breach trends. Also featured: yet another Microsoft Exchange vulnerability and misconceptions about cybercrime groups.
While there is currently a lack of specific cyberthreats, Deputy National Security Adviser Anne Neuberger urges organizations, especially those in critical infrastructure, to take precautions over the Labor Day weekend, as threat groups have taken advantage of previous holidays to conduct attacks.
As the last U.S. military flight lifted off Tuesday evening from the airport in Kabul, Afghanistan, what's been left behind reportedly includes a vast trove of biometric data that could be used to identify - including for interrogation or execution - individuals who assisted the occupying NATO forces.
After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest multispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.
By some estimates, the managed security services business is expected to grow by 50% between 2020 and 2025. And a huge part of that growth will by XDR, says Colin O'Connor, COO of ReliaQuest. He explains why XDR is far more than just vendor hype.
The White House is ordering U.S. agencies to improve their logging capabilities to better track when attackers target their networks and data. The initiative addresses security issues outlined in President Biden's recent cybersecurity executive order.
The cybersecurity firm IronNet, founded and led by retired Army Gen. Keith Alexander, has gone public without an IPO by merging with LGL Systems Acquisitions Corp., a "blank check" shell company formed to handle such mergers. Meanwhile, Checkpoint has announced plans to acquire the email security firm Avanan.
Users of OpenSea, a marketplace for blockchain-based digital assets such as crypto collectibles and non-fungible tokens, are being targeted by scammers pretending to be the company's support staff on Discord. The attackers exploited a method OpenSea uses to service support tickets on Discord.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
The Department of Defense did not effectively control access to the health information of high-profile personnel, says a new watchdog agency report, which hints that the findings also may indicate ineffective access control over other DoD employees' health records.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.