Buckle up. The healthcare industry and consumers are heading into the New Year with indications of significant changes to the regulation and enforcement of health information privacy and security by the Department of Health and Human Services. What's in store?
The U.S. e-commerce website, PulseTV, recently disclosed a data security breach involving over 200,000 customer credit card details. It is believed that only customers who purchased products on the website with a credit card between Nov. 1, 2019 and Aug. 31, 2021 may have been affected.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the ransomware-as-a-service model shifted in 2021, the rise of fraud in faster payments and how to prevent it, and one CISO's take on the state of the industry.
The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.
Ransomware-wielding attackers continue to hit businesses, demand a ransom payment and oftentimes dump stolen data if a victim chooses not to pay. But some attackers also appear to be keeping a closer eye on victims - at least after they have been infected - in case they bring unwanted attention.
Attackers continue to employ commercial penetration testing tools as well as "living off the land" tactics - using legitimate tools or functionality already present in a network - to exploit victims. Accordingly, organizations must monitor for both, to better identify potential intrusions.
As network defenders continue to patch or mitigate against the remote code execution vulnerability in the Java-based logging utility Log4j, several cybersecurity vendors - and the U.S. CISA - have issued scanning and assessment tools to speed up the identification process.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
A ransomware operation called Vice Society has claimed credit for attacks that hit two groups of independently owned and operated Spar-branded stores in England and the Isle of Man earlier this month. Threat intelligence firm Kela says thousands of stolen documents have been dumped online.
A vulnerability in Polygon, a framework used to build Ethereum-compatible blockchain networks, has been fixed. The bug, discovered by white hat hackers at bug bounty platform Immunefi, would have put 9,276,584,332 MATIC, worth nearly $23 billion, at risk.
A ransomware attack disrupted the operations of Norway-based media company Amedia, which publishes more than 70 newspapers for 2 million readers. The Tuesday attack on the company's computer systems forced it to shut the presses, says Amedia's executive vice president of technology, Pål Nedregotten.
Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.
ONUS, one of Vietnam's largest cryptocurrency platforms, has reportedly fallen victim to a ransomware attack that has been traced to Apache's remote code execution vulnerability, Log4j, via third-party payment software. CrowdStrike has also detected Chinese APT activity around the logging flaw.
LastPass says none of its users accounts have been compromised, although multiple users of the password manager reported receiving email warnings that are normally sent to users who log in from different devices and locations, causing them to think their master passwords had been compromised.
Seven vulnerabilities - including one rated critical and five high-severity - in Schneider Electric's EVlink products have been patched, according to security researcher Tony Nasr. Exploitation of the vulnerabilities would allow attackers to manipulate configurations and settings.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.