The Department of Homeland Security has issued an alert warning about cyber vulnerabilities in certain Siemens medical imaging products running Windows 7 that could allow hackers to "remotely execute arbitrary code." How serious are the risks?
Data breach truism: So many organizations get breached, and remain breached, but don't find out until months or even years later, says Paul White of the cybersecurity firm Cyber adAPT. He offers insights on speeding reaction time by watching for clues.
It's a red-faced moment for FireEye. The company says an investigation reveals that an attack against an analyst's personal online accounts was enabled by the employee's continued use of compromised login credentials.
The latest edition of the ISMG Security Report leads with a report on the charges brought against Marcus Hutchins, the "accidental hero" who stoped the WannaCry malware outbreak. Also featured: reports on advances in attribution and new legislation to secure vulnerable medical devices.
The U.S. Army will immediately stop using drones made by the world's largest manufacturer, DJI of China, and has ordered that batteries and storage media be removed and applications uninstalled.
Mitigation efforts only go so far when it comes to breach prevention. Why are some organizations still resistant to cyber insurance? Tim Francis of Travelers Business Insurance explains.
Maxim Senakh, who was extradited from Finland to the United States to face charges related to Ebury botnet attacks, has been sentenced to serve nearly four years in federal prison, after which he will be deported to his native Russia.
The front line to battle Russian hackers is shifting to American courts, according to the lead story in the latest edition of the ISMG Security Report. Also, malware targets Apple's operating system and a preview of the ISMG Fraud and Breach Prevention Summit in New York.
Office of Personnel Management Chief Information Officer David DeVries says negative aspects of a Government Accountability Office report on steps OPM is taking to secure its IT paint an incomplete and not fully accurate picture of the agency's cybersecurity posture.
Security expert Troy Hunt has released a massive data set of compromised passwords that's intended to help web services steer users away from picking those that have already been exposed in data breaches.
A proposed Senate bill aims to bolster the cybersecurity of medical devices, including creating a report card that provides transparency about a device's "cyber capabilities" and results from cyber risk assessments and testing. Does bill overlap with work already underway?
Gartner's Avivah Litan, a featured speaker at ISMG's Fraud and Breach Prevention Summit in New York on Aug. 8, says hacker attribution is taking on new importance, as traditional methods of determining attack risk and detection linked to indicators of compromise are no longer effective.
Some experts say a federal appeals court's overturning of a lower court's decision to dismiss a class action lawsuit filed against health insurer CareFirst in the wake of a cyberattack could be precedent-setting.
Britain's home secretary claims that "real people" don't really want unbreakable, end-to-end encryption - they just like cool features. Accordingly, she asks, why can't we just compromise and add backdoors, thus breaking crypto for everyone?
Vendors that provide the U.S. government with internet-connected devices would need to ensure they can be patched, don't include hard-coded passwords that can't be changed and are free of known security vulnerabilities, according to a new, bipartisan Senate bill.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.