Hacking and third-party business associate incidents were the crux of the largest health data breaches reported to federal regulators in 2022, foreshadowing the top risks and threats that will likely plague healthcare entities and their vendors in the new year, as well.
U.S. regulators filed a civil lawsuit against accused Mango Markets manipulator Avraham Eisenberg, who already faces criminal prosecution for allegedly stealing $114 million. The Commodity Futures Trading Commission suit is the agency's first action against an oracle price manipulation strategy.
Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.
Many of the major health data breaches being reported to regulators reflect a variety of poor practices by business associates, including retaining sensitive patient information for much longer than necessary, says Kate Borten, president of The Marblehead Group.
Check fraud, first-party fraud and AI-related fraud will increase on a massive scale in 2023, thanks in large part to growing insider threats and the global economic slowdown. Frank McKenna, chief fraud strategist at Point Predictive, explains how banks can prepare to tackle these types of scams.
Tufin has promoted chief revenue officer Raymond Brancato to CEO and tasked him with simplifying visibility, compliance and automation for AWS and Azure. Brancato plans to focus on helping clients better understand their security posture in cloud, SD-WAN and SASE environments.
Rising offensive security star NetSPI has bought boutique penetration testing firm nVisium to help customers assess their cloud defenses. NetSPI says nVisium's deep understanding of specific cloud platforms will come in handy since Azure penetration testing differs from AWS pen testing.
Although small to medium enterprises - SMEs - do not have the security resources larger enterprise possess, they face the same risks. Here are five reasons you should consider consolidating your tech as you strive to find an effective, sustainable security stack that also keeps costs in check.
Cybercrime on a global scale is spiraling out of control, and one industry above all seems to be in the crosshairs often: healthcare. Javvad Malik of KnowBe4 discusses how to improve a healthcare organization's security culture and the security awareness of its employees.
The Hive ransomware-as-a-service group claimed responsibility for a data breach involving patients of a U.S. nursing home chain with a checkered past. The chain, Consulate Health Care, posted a notice saying the leak originated at an unnamed vendor.
A Kansas-based vendor is notifying nearly 250,000 patients that their payment card and other personal information may have been compromised in a hacking incident that dates back to 2019 and involves its colonoscopy prep kit online retail business.
Low-level hackers are probing the capacity of ChatGPT to generate scripts that could be used toward criminal ends, such as for stealing files or malicious encryption. One poster on a hacking forum described the process as writing pseudo-code. More sophisticated cases are likely a matter of time.
"If we look at all of the types of issues with cloud breaches, it always comes down to misconfiguration," says Troy Leach of Cloud Security Alliance. "The challenge is: People try to treat cloud environments the same as they've always done on-premises, and that is unfair for both environments."
Modernizing data breach notification requirements for the telecommunications sector is the focus of a newly announced Federal Communications Commission proceeding. The rules, last updated in 2007, would push for faster consumer notification and require the reporting of accidental data breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.