A critical Linux kernel vulnerability exposed the server message block protocol to remote hacking with highest privileges. The vulnerability received the maximum possible severity rating of 10 on the CVSS scale owing to the kernel-level code execution privileges it gave to the attacker.
Effective testing of incident response plans continues to be a major weakness for many healthcare sector entities, especially those facing ransomware and other disruptive incidents, says Van Steel, a partner at consultancy LBMC Information Security.
A member of a criminal data breach forum says he's selling email addresses and phone numbers of 400 million Twitter users. If verified, the data breach would be a further blow to Twitter and its beleaguered chief executive as regulators increase pressure over the firm's security practices.
Data resilience stalwarts Commvault, Rubrik and Cohesity have pulled ahead of rivals Veeam Software and Veritas atop the latest Forrester Wave. Commvault, Rubrik and Veritas took the gold, silver and bronze, respectively, for the strength of their current data resilience offerings.
Digital transformation we all have experienced over the last few years, everything online is at risk of fraud – fraudsters will try to take advantage over customer digital footprint at any time and access point. Telesign's Seth Gilpin shares insights.
She has been a CISO almost longer than there has been cybersecurity. And now Marene Allison, CISO at Johnson & Johnson, eyes retirement and her next adventures. She reflects on her career, her accomplishments and what she wishes for her successor and the next generation of cybersecurity leaders.
U.S. President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act, designed "to encourage the migration of federal government IT systems to quantum-resistant cryptography" by ensuring they prepare strategies now for implementing forthcoming cryptography standards.
Recorded Future has signed an agreement with Ukraine's Ministry of Digital Transformation to help protect the county's critical infrastructure against Russian physical and cyberattacks. The company can help detect novel strains of malware and command-and-control infrastructure run by the Russians.
With application GRC more critical than ever in today's dynamic, dispersed environment, what are the critical capabilities needed in a solution? Keri Bowman of Saviynt offers six recommendations, including risk reporting and out-of-the-box rule sets and compliance management.
The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
A salute to the career of Johnson & Johnson CISO Marene Allison leads this week's Information Security Media Group Editors' Panel, which also reviews essentials for implementing a zero trust strategy and the use of banking standards to regulate blockchain-based digital assets.
The planned merging of two health data exchange standards organizations - DirectTrust and the Electronic Healthcare Network Accreditation Commission - will help support healthcare sector efforts to advance secure health data exchange, says Scott Stuewe, CEO of DirectTrust.
A surging Elastic has joined perennial stalwarts Splunk and Microsoft atop the Forrester Wave: Security Analytics 2022 report, toppling SIEM players Exabeam, Securonix and IBM. Elastic went from not even being mentioned in the December 2020 security analytics Forrester Wave to leading the industry.
A federal judge has denied granting a preliminary injunction against Meta to stop the firm's Pixel tracking code in healthcare websites from collecting and disseminating patient information for advertising. But the judge says he could change his mind as more details about patient privacy emerge.
The French data protection authority fined Microsoft Ireland 60 million euros for privacy and security practices relating to a Bing search engine advertising cookie. The company has three months to get the consent of the French users before further deployment of the cookie.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.