VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Researchers at security firm Eset have found three vulnerabilities affecting Lenovo laptops worldwide and targeting users who work from home. Two of the flaws affect UEFI firmware drivers meant for use only during the manufacturing process of Lenovo notebooks, and one is a memory corruption bug.
During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.
Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
New guidance provides healthcare entities and medical device makers a jump-start for negotiating critical cybersecurity issues pertaining to procurement contracts, says Jim Jacobson of device manufacturer Siemens Healthineers, co-chair of an industry group that developed the contract template.
A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
Starting in July, the second Tuesday of every month will "just be another Tuesday," Microsoft says. After releasing patches for vulnerabilities in its software every second Tuesday of every month since 2016, Microsoft says it is now set to roll out automatic updates. Some security experts weigh in.
Ditch the old “castle-and-moat” methods. Instead, focus on critical access points and assets, making sure each individual point is protected from a potential breach.
As market forces converge to make enterprises of all sizes more conscious of their own cybersecurity sophistication, John Randall of GoSecure proposes a road map to help assess where one is, where one needs to go - and to what degree third-party assistance is necessary.
At a time when applications are more business-critical than ever - and visibility is more challenging to achieve - we need to discuss new strategies and tools for maximizing application intelligence. Sujay Pathakji of Axiom Telecom and Srudi Dineshan of Gigamon share insights.
Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
Bipartisan legislation proposed in the U.S. Senate and House aims to strengthen healthcare sector infrastructure by requiring medical devices manufacturers to implement critical cybersecurity measures for the regulatory premarket approval process and life cycle of their products.
Access Health, Connecticut's health insurance exchange under the Affordable Care Act, experienced dozens of mostly small data breaches over about a 3 1/2-year period, and the vast majority involved one contractor, says an auditor report that recommends the exchange make improvements to data security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.