A recent cyberattack on Community Medical Centers in Northern California has potentially compromised the information of more than 656,000 individuals. Meanwhile, Las Vegas Cancer Center reportedly fell victim to a ransomware attack during Labor Day weekend.
Two researchers from the University of Cambridge have discovered a vulnerability that affects most computer code compilers and many software development environments, according to a new research paper. The bug could cause a SolarWinds-like open-source supply chain attack scenario, they say.
Multiple cybercriminal groups appear to be targeting relatively new entrants in the space with phishing attacks. In what cybersecurity analysts at Group-IB call a "cannibalistic approach," these gangs are impersonating underground card shops to dupe the newbies for monetary gain.
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify "systemically important critical infrastructure" to reduce risks of pervasive supply chain cyberattacks.
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?
The Conti cybercrime gang, known for ransomware attacks, has reportedly leaked details of world leaders, actors and business tycoons after a strike at jeweler Graff. The organization is working with law enforcement and has informed the U.K.'s Information Commissioner’s Office about the incident.
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide's hit on Colonial Pipeline - "what we're seeing … is that there is going to be a power balance shift," says McAfee's John Fokker, with more affiliates, not gang leaders, calling the shots.
Roya Gordon of Accenture Security describes how rather than hunting for zero-day vulnerabilities, attackers are exploiting N-Day - or known - vulnerabilities. She also discusses how to better synthesize and act on threat intelligence.
While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
The cyber actors suspected of being behind the deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary agencies from eight countries. The actors are believed to have affected more than 1,800 victims.
While overregulating the cryptocurrency space is not advisable, it is important for the Biden administration to look into the areas in which cryptocurrencies pose the greatest risks, says Nichole Dennis, director and government relations specialist with Cybercrime Support Network.
National Cyber Director Chris Inglis on Thursday announced that Federal CISO Chris DeRusha will concurrently serve as his deputy at the newly created office. Inglis, a Senate-confirmed top adviser to the president, also released a "statement of strategic intent" outlining his own official duties.
Massachusetts-based UMass Memorial Health is the latest large healthcare network to report an email phishing incident that potentially compromised hundreds of thousands of individuals' protected health information. The unauthorized email access lasted about seven months.
Six national data protection and privacy authorities – from Australia, Canada, Gibraltar, Hong Kong SAR, China and Switzerland - have joined with the U.K. information Commissioner’s Office to issue guidance to video teleconferencing companies on privacy, calling for end-to-end encryption.
OptinMonster, a WordPress plug-in used in more than 1 million websites for sales campaign creation, was vulnerable to high-severity bugs, according to Wordfence researchers. An updated version of the plug-in has patched the flaws.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.