Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S. businesses, institutions and the public - after a senator urged the government to update its publicly available information about the threat associated with Chinese-made safes.
QNAP Systems on Saturday released a patch for a critical bug that allows unauthorized access to devices without authentication. The issue affects its QTS, QuTS hero, and QuTScloud products and potentially exposes network-attached storage devices to unauthorized access.
Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models. Zscaler said the purchase will help it strengthen its data quality and model efficiency to outpace AI weaponization by threat actors.
Researchers at security firm Salt Security have uncovered multiple vulnerabilities in third-party plug-ins used in ChatGPT, including a zero-click account takeover flaw that was triggered when users attempted to install the plug-in using their ChatGPT accounts.
Advanced attackers increasingly feel the need for speed, lowering the time they spend lurking after they infiltrate networks before exfiltrating data and crypto-locking systems, experts warn in a review of top hacking strategies seen in 2023. Cue challenges for defenders.
This week, amounts for crypto and phishing losses were released, the Bitcoin Fog operator was convicted, the EU approved rules to strengthen sanctions, the federal government sought to recover losses linked to pig butchering, and the Philippines blocked unlicensed crypto websites.
Six years after it was founded, the UK Cyber Security Council is taking a multipronged approach to building professionalism in the industry. Board Chair Claudia Natanson discussed the council's journey, its role in shaping industry standards and efforts to foster diversity and narrow the skills gap.
This week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.
Machines are gradually taking on activities of human customers such as research, negotiations and user reviews. The rise of the AI customers marks a shift from machines as passive tools to active participants in economic transactions, said Donald Scheibenreif, vice president and analyst at Gartner.
Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.
The U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.
It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack but also to consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.
Federal regulators have informed UnitedHealth Group that they have launched a full-fledged investigation into a potential massive compromise of protected health information stemming from the Change Healthcare cyberattack. A potential PHI breach could affect tens of millions of individuals.
Experts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.
Nozomi Networks notched a $100 million funding round led by Schneider Electric and Mitsubishi, spotlighting the urgent need for advanced cybersecurity measures to protect critical infrastructure, industrial control systems and IoT networks in light of the increased destructiveness of attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.