The sensitive personal information of about 1.1 million National Health Service patients including trauma patients and victims of terrorism is reportedly among data compromised in a recent cyberattack on the United Kingdom's University of Manchester. The incident also affected students and alumni.
This week's crypto roundup includes DeFi hacks and scams in the second quarter of 2023, FTX and SBF, Justby in the CFTC's crosshairs, and JokerSpy in a Japanese exchange. Also, the IMF says a crypto ban won't curb risk, Binance won't delist privacy coins, and EU banks have new capital requirements.
Researchers discovered an undisclosed malware family named EarlyRat being used by a branch of the North Korea-backed Lazarus Group. Kaspersky researchers said they stumbled upon the never-before-seen malware family, which is deployed in Log4j and phishing attacks.
The Irish government has proposed a number of measures to strengthen the country's top cyber agency's abilities to tackle ransomware and other cyberthreats. The National Security Strategy lays out 18 new action plans intended to augment the National Cyber Security Center's capabilities.
More victims of the Clop ransomware group's supply chain attack against popular file transfer software MOVEit continue to come to light. Security experts say about 150 organizations now appear to have been affected by the attacks, which compromised the personal data of over 16 million individuals.
Federal regulators have issued a warning about a vulnerability in medical device maker Medtronic's Paceart Optima System which, if exploited, could lead to a denial-of-service or remote code execution affecting the system's cardiac device data.
Venn Software landed Series A funding to help businesses ensure the security and compliance of data on laptops they don't necessarily manage or own. The $29 million will enable firms to control and govern corporate data on worker-owned devices without forcing users to launch remote virtual desktops.
A firm that provides coding and billing services to healthcare entities has agreed to pay federal regulators a $75,000 fine and implement a corrective action plan in the wake of an exfiltration incident that compromised patient data contained in an unsecured network server.
Cyberattackers have hit Ukraine's critical infrastructure over 3,000 times since the beginning of the Russian invasion in 2022, according to Ukraine's national incident response team, which warned that such attacks may continue for years even after the fighting on the ground is over.
A Cleveland-based healthcare system is notifying a not-yet-disclosed number of individuals about an incident involving unauthorized medical records access by an employee that continued for 15 years. The safety-net organization says the worker has been disciplined.
Security researchers at Censys found hundreds of federally owned devices at 50 different agencies exposed to the internet, accessible through IPv4 addresses and loaded with potentially vulnerable MOVEit and Barracuda Networks' ESG software. The vulnerabilities violate new CISA policy, the firm said.
Technology giant Apple has joined the chorus of voices calling on the British government to rethink its proposed Online Safety Bill legislation intended to increase public safety by monitoring people's private communications via client-side scanning.
According to the 2023 Cisco Cybersecurity Readiness Index, only 15% of companies surveyed are ready to defend against cybersecurity threats. The findings in the report underscore organizations' need to be better equipped to defend against ongoing threats such as phishing, ransomware, and account compromise.
The European cyber agency continues to remain underfunded despite the surge in ransomware and other cyberthreats, the organization's chief said in a recent hearing. The ENISA chief called on the European Commission to hold regulatory consultations to address the existing policy gaps.
A finalist at this year's RSA Innovation Sandbox contest landed Series A funding to detect threats and secure access for nonhuman identities. The $25 million will enable Astrix Security to expand from managing access for nonhuman identities to understanding threats to services and applications.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.