The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.
What does the C-suite want to know about ransomware preparedness and response strategies? CEO of (ISC)² Clar Rosso shares findings from the company's new report that provides insights into the minds of C-suite executives and how they perceive their organizations’ readiness for ransomware attacks.
An authentication bypass vulnerability in Zoho's widely used unified endpoint management tool, ManageEngine Desktop Central, is being used by advanced persistent threat actors to gain remote access permissions, the FBI says.
Sainsbury's, the U.K.’s second-largest chain of supermarkets, confirms that it suffered an outage in its payroll system caused by a cyberattack affecting its cloud-based payroll service supplier - the U.S.-based multinational firm Ultimate Kronos Group, which was hit by a cyberattack last week.
The Log4j vulnerability has underscored once again the widespread dependence on open-source software projects and the lurking risks. Patrick Dwyer of OWASP says such projects deserve more resources to avoid major security vulnerabilities.
Oracle announced on Monday that it plans to acquire healthcare technology vendor Cerner Corp. in an all-cash deal valued at $28.3 billion, which is expected to close by the end of 2022. But what are the potential health data privacy and security implications?
For anyone hoping to celebrate the decline and fall of ransomware by year's end, think again. While some notable operations have bowed out - at least in name - threat intelligence firm Intel 471 warns that newcomers now account for the majority of attacks, and attack volume is "still on the rise."
Multiple new attacks exploiting the explosive Apache Log4j vulnerabilities have been uncovered, including a newly discovered JavaScript WebSocket attack, threat actors injecting Monero miners via Remote Method Invocation and the comeback of an old and relatively inactive ransomware family.
Healthcare sector entities, like organizations across most industries, are being warned by authorities to carefully assess how the recently identified remote code execution vulnerability in the Apache Log4j Java logging library might affect their environments. What steps should they take?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including mitigating the Apache Log4j zero-day vulnerability, findings from a new report analyzing the Conti ransomware attack on Ireland's Health Services Executive and President Biden's drive to...
The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.
A New Jersey cancer treatment center and two of its affiliated entities have agreed to pay $425,000 and to bolster data security and privacy practices in a settlement with state regulators in the wake of two related 2019 data breaches.
Attackers tied to China, Iran, North Korea and Turkey have been targeting or testing exploits of the ubiquitous Apache Log4j vulnerability. Vendors are rushing to identify and patch supported software and hardware as cybersecurity agencies urge organizations to mitigate the threat and beware exploit attempts.
Security and IT teams racing to mitigate the threat posed by the ubiquitous Apache Log4j 2.14 flaw are facing a new problem: Which version of the patched software should they deploy - 2.15.0 or the newly released 2.16.0?
What's in store for defenders as attackers increasingly try to target the ubiquitous Apache Log4j vulnerability? "Everyone is a target," says veteran cybersecurity leader Etay Maor, whose team at Cato Networks has been analyzing hundreds of attacks that already attempt to exploit the flaw.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.